Target CEO 'Still Shaken' by Data Breach, Vows to 'Make It Right'

×
Target CEO still shaken by the data breach, vows to make it right
Joe Raedle/Getty ImagesA customer uses the credit card scanner at a Target store.
By Becky Quick
and Matthew J. Belvedere


For Target Chairman and CEO Gregg Steinhafel, Dec. 15 started out as a normal Sunday. He was at home, having coffee with his wife. That's when he got the first call about the cyber security breach at the retailer, which would to date put the personal information of as many as 110 million customers at risk.

"My heart sunk," Steinhafel reflected, describing his initial reaction to word of the attack, which had hit Target at the worst time with the busy holiday shopping season in full-swing and Christmas just 10 days away.

"It's hard for me to describe the feeling that came over me," he revealed in a CNBC interview -- his first since Target acknowledged the attack -- four days after Steinhafel was initially informed.

While it's been about a month since Steinhafel learned of the breach, he said he's "still shaken by it." He said he's had many "sleepless nights" already, but expects many more because "we are not going to sleep until we get it right and we regain the trust of our guest. And we're gonna be better as a result of this."

He knows his customers are still frustrated, and said that "they have every right to be."
On Dec. 19, Target (TGT) first disclosed that as many 40 million credit and debit cards were compromised between Nov. 27 and Dec. 15 by malware installed on the company's point of sale registers.

Steinhafel said Target's first priority was to remove the malware, which was accomplished by that Sunday evening.
"We were very confident that coming into Monday [Dec. 16], guests could come to Target and shop with confidence with no risk."

But this past Friday, Target said its investigation found that at least 70 million customers' personal information was stolen from its database -- including names, mailing addresses, telephone numbers, and email addresses. Some victims didn't shop at Target during the time of the breach, said the retailer, which expects some overlap in the two data sets but doesn't have the exact numbers yet.

Steinhafel said he's aware of the anger felt by his customers because he's been getting an unvarnished view of the outcry. "No one screens my email. So I have read every single email that has come to me."

He said the emails "run the gamut of emotions" from support of the way the retailer has handled the situation, to what he described as some "fairly poorly chosen words to describe Target and myself."

Target also announced Friday that it lowered its fourth-quarter profit forecast, in part due to weaker-than-expected sales since reports of the cyber-attack emerged. Steinhafel said that shopping trends as of Friday were nearly back to normal.

"We have to do everything possible to make it right by every guest and earn that trust back," Steinhafel vowed.


More from CNBC



Increase your money and finance knowledge from home

Investment Strategies

What's your investing game plan?

View Course »

Basics Of The Stock Market

Stock Market 101 - everything you need to know but were afraid to ask!

View Course »

Add a Comment

*0 / 3000 Character Maximum

15 Comments

Filter by:
GARY

As a retailer and given their volume of credit card tranactions, I'm sure Target was complying with PCI (Payment Card Ind) regulations and probaby was already performing other cyber security excerises. They apparently need to step up their cyber security program but this just shows that even with a program in place, attacks are inevitable and defense is imperative! More information at:
www.ddifrontline.com

January 13 2014 at 2:32 PM Report abuse rate up rate down Reply
dashdzl

I like to shop at Target. I have to take my hat off the CEO, that he genuinely shows concern. I think things will work out fine.

January 13 2014 at 1:14 PM Report abuse -1 rate up rate down Reply
cvanac8550

One more retailer to be put out of business for Wal-Mart to have total domination of this market segment.
Wouldn't surprise me one bit...........Look out Costco.........have I missed something or has anyone tried to find out the source of the cyber attacks

January 13 2014 at 12:09 PM Report abuse -1 rate up rate down Reply
1 reply to cvanac8550's comment
cvanac8550

And if none of these compromised accounts has been hit..fill in the blanks.......

January 13 2014 at 12:14 PM Report abuse rate up rate down Reply
mcager

He should be "still shaken". Those of us who used our credit and debit cards at Target will be watching our accounts like hawks for a long time to come to make sure no one has stolen our identity. They need to update their software and stop lining their pockets with the money they DON'T spend on security.

January 13 2014 at 12:02 PM Report abuse -1 rate up rate down Reply
traveler9893

I USED TO SHOP AT TARGET ALL THE TIME. BUT, SINCE THEY WERE TOO CHEAP TO USE ADEQUATE SOFTWARE TO PROTECT THEIR OWN CUSTOMERS, AND ONLY WORRIED ABOUT THE BOTTOM DOLLAR PROFIT, I DON'T SHOP THERE MUCH ANYMORE. THE TARGET CEO IS JUST TRYING TO COVER HIS OWN BUT, AND KNOWS THEY SHOULD HAVE HAD BETTER SOFTWARE, BUT DIDN'T WANT TO PAY FOR IT. TARGET SHOULD BE HELD ACCOUNTABLE, AND PAY FOR ANY FALSE CHARGES MADE TO CUSTOMERS DEBIT/CREDIT CARDS. NOT LEAVE THEIR CUSTOMERS LEFT HOLDING THE BAG TO PAY FOR THE PROBLEM THEY CAUSED!

January 13 2014 at 11:57 AM Report abuse -1 rate up rate down Reply
ColoMtnLvr

A bad IT department, that's for sure. More than likely, still an "inside job" or assistance from to accomplish it.

January 13 2014 at 11:46 AM Report abuse -1 rate up rate down Reply
ladyredskins

I have just about stopped going to Target for a few reasons such as prices are higher than other stores, they keep on replacing name brands with their own products and I don't like their own brand of products (yes there is a difference) and they are very limited on hair color products and don't carry my exact color anymore. I have filled out the cards numerous times about this and also emailed corporate. I was told to get the bar numbers which I did and email them back to corporate. After that I received an email that said they weren't the bar numbers, well yes they were and I wrote back to them that yes they were the numbers. I got the numbers off of the products. Then I received a nasty email from corporate and I responded that I will no longer be shopping at Target because of their nastiness and not willing to help a customer. There is no reason to be nasty when I was not nasty at all. Target is not a high end store and that is what they are attempting to be especially with the overpricing so many products.

January 13 2014 at 11:43 AM Report abuse rate up rate down Reply
josephflv

Target will do what they always do recover the cost. Take it out of the employee income by cutting their hours.

January 13 2014 at 11:11 AM Report abuse rate up rate down Reply
1 reply to josephflv's comment
dashdzl

Do you know that they do that?

January 13 2014 at 1:11 PM Report abuse rate up rate down Reply
nyhowie77

when we found out my wife was one of those who shopped at target..she called the worthless bank that issues her card.. they said relax dont worry!!!!!!!!!!!! that was on a friday...I told my wife to go into the bank MONDAY "and dont let them "CHASE" YOU OUT UNTIL YOU GOT A NEW CARD... she got what she asked for on M onday....and we are one of their PRIVATE clients yet!!!.
SO TO OUR GOVERMENT....REGARDING ALL THOSE BUSINESSES..BANKS ETC. THAT ALLOW OUR PRIVATE INFORMATION TO BE COMPROMISED THERE BE A LAW WITH HEAVY FINES THAT MAKE IT MANDATORY FOR THOSE COMPANIES TO GIVE EACH AND EVERY CARD HACKED A NEW CARD IN SAY 3 DAYS...WHEN YOU WAIT FOR A SOLUTION FROM THOSE WHO ALLOWED IT CAN CAUSE LOSS...SO WE NNED SAY A FEDERAL LAW "CALL IT THE "HACKED INFO ACT" scary that all the banks cared about was the amount of work it takes to give out new secuirty to their customers..

January 13 2014 at 10:07 AM Report abuse rate up rate down Reply
1 reply to nyhowie77's comment
dashdzl

Why do you use a worthless bank. Chase bank sent me a new card as a precaution.

January 13 2014 at 1:18 PM Report abuse rate up rate down Reply
1 reply to dashdzl's comment
nyhowie77

dash...look up what bank has a private client client sector...re=read my posting...it may give you a hint of the banks name

January 13 2014 at 7:15 PM Report abuse rate up rate down
ED

I rarely shop at Target, although I like the store. It's just too far for me to go. BUT, my Credit Union cut off my debit card, due to suspicious activity, related to the Target breech. My wife shops there all the time, with her own debit card. Two weeks after my card was sgut down, hers was shut down also. I can imagine this is going to end up being one big mess for all concerned.

January 13 2014 at 8:42 AM Report abuse rate up rate down Reply