First Target exec resigns after breach
The chief information officer at Target has resigned — the highest-level executive to leave since the huge data breach.
The New York Times
Target said Wednesday that its chief information officer had resigned, the first high-level executive to depart after an enormous breach of customer data late last year that put a dent in profits.
The company will hire an interim information officer while it searches for an outsider to replace Beth Jacob, said Gregg Steinhafel, Target’s chief executive.
“While we are still in the process of an ongoing investigation, we recognize that the information-security environment is evolving rapidly,” Steinhafel said. “To ensure that Target is well-positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target.”
In her letter of resignation, Jacob said she was stepping down “effective immediately,” but she made no mention of the data breach.
“This is a difficult decision after 12 rewarding years with the company I love,” Jacob said. “But this is a good time for a change.”
Jacob first joined Target in 1984 as an assistant buyer, according to the Target website. She left the company for a time, and then returned in 2002. She had been vice president of Target Technology Services and chief information officer since 2008.
On Dec. 19, during the final days of the holiday shopping season, the company publicly confirmed that credit- and debit-card information for 40 million of its customers had been compromised. A few weeks later, the company announced that another batch of data, personal information on some 70 million customers, had been stolen as well.
The breach at Target was believed to have been perpetrated by a group of criminals in Eastern Europe who installed malware on the company’s system to siphon away customer information, according to two people involved in the investigation who were not authorized to speak publicly.
One law-enforcement official said the criminals were believed to have gained access to Target’s system using the login credentials of one of the retailer’s vendors, a Pennsylvania-based company that provided air-conditioning, heating and refrigeration services.
Since the Target breach became public, several other retailers have acknowledged the theft of customer information, including Neiman Marcus and Michaels. On Wednesday, Sally Beauty, which sells beauty products at 2,600 stores throughout the United States, said it was investigating a possible breach.
But so far, the Target breach appears to have affected the most people. The breaches at Target and Neiman are believed to have been perpetrated by the same group of criminals, who also targeted other retailers.
Target reported disappointing earnings last week, with fourth-quarter profit down 46 percent from the same period the year before. Executives said those results were partly because of a steep drop in sales and traffic after the breach became public.
To lure back jittery shoppers, Target was forced to offer unplanned discounts, like 10 percent off purchases in its stores during the last weekend before Christmas, which also took a bite out of its profit. The company spent $61 million on expenses related to the breach during the fourth quarter, and it said it expected to receive $44 million in insurance payments.
On Wednesday, the company also announced that it would be hiring a new chief compliance officer. Ann Scovil, who is head of compliance and risk assurance at the company, will be retiring at the end of the month, said a spokeswoman, and her position will be split between two people. Target, which historically has been fond of hiring internally, will be looking outside the company for at least one of those positions.
The company is also working with Promontory Financial Group to help it “evaluate our technology, structure, processes and talent as a part of this transformation,” Steinhafel said.