Target CEO quits after data breach

US retailer Target chief executive and chairman Gregg Steinhafel resigns after hackers stole customers' personal data from 70 million records

US retailer Target has announced the resignation of its chief executive and chairman, Gregg Steinhafel after a massive data breach and poor business performance.

The announcement comes four months since hackers breached Target’s IT systems and two months after the resignation of Beth Jacob as chief information officer (CIO).

The hackers are believed to have stolen  70 million records that included the name, address, email address and phone number of customers, including the details of 40 million credit and debit cards.

Up to three million of the payment card details are believed to have been sold on the black market and used for fraud before issuing banks cancelled the rest, according to security blogger Brian Krebs.

In addition to the data breach, which cost $17m in remediation alone, Target was hit by a 46% drop in profits in the fourth quarter of 2013, compared with the same period the year before.

In January 2014, Target also admitted sales had “softened meaningfully” after the announcement of the breach. The company issued a profit warning because of future expenses related to the breach.

Target is being sued by at least 11 customers over the security breach. The lawsuits, each seeking class-action status, were filed in US courts, reported the BBC.

"After extensive discussions, the board and Gregg Steinhafel have decided that now is the right time for new leadership at Target,” the company said in a statement.

The company said chief financial officer (CFO) John Mulligan will take over as interim president and chief executive.

Roxanne Austin, a current member of Target's board of directors, has been appointed as interim non-executive chair of the board.

At the end of April 2014, Target named Bob DeRodes – who has 40 years' experience in information technology – was its new chief information officer.

Target has yet to appoint a chief information security officer and a chief compliance officer.

Read more on Privacy and data protection