US retailer Target has announced the resignation of its chief executive and chairman, Gregg Steinhafel after a massive data breach and poor business performance.
The announcement comes four months since hackers breached Target’s IT systems and two months after the resignation of Beth Jacob as chief information officer (CIO).
The hackers are believed to have stolen 70 million records that included the name, address, email address and phone number of customers, including the details of 40 million credit and debit cards.
Up to three million of the payment card details are believed to have been sold on the black market and used for fraud before issuing banks cancelled the rest, according to security blogger Brian Krebs.
In addition to the data breach, which cost $17m in remediation alone, Target was hit by a 46% drop in profits in the fourth quarter of 2013, compared with the same period the year before.
In January 2014, Target also admitted sales had “softened meaningfully” after the announcement of the breach. The company issued a profit warning because of future expenses related to the breach.
Read more about data breaches
- Racing Post warns users of website breach
- Lakeland warns customers of potential data breach
- Target data breach creates poor retail customer experience
- The ICO issues BYOD warning after breach
- 2013 Cost of Data Breach Study: UK
- London council gets £70,000 penalty for data breach
- EU data breach disclosures to be enforced soon
- Another online firm hit by data breach
Target is being sued by at least 11 customers over the security breach. The lawsuits, each seeking class-action status, were filed in US courts, reported the BBC.
"After extensive discussions, the board and Gregg Steinhafel have decided that now is the right time for new leadership at Target,” the company said in a statement.
The company said chief financial officer (CFO) John Mulligan will take over as interim president and chief executive.
Roxanne Austin, a current member of Target's board of directors, has been appointed as interim non-executive chair of the board.
At the end of April 2014, Target named Bob DeRodes – who has 40 years' experience in information technology – was its new chief information officer.
Target has yet to appoint a chief information security officer and a chief compliance officer.