Gregg Steinhafel, who has been Target’s Chief Executive Officer since 2008, has resigned months after one of the largest data breaches in history made Target stock value and sales plummet. He also resigned from the board of directors, although he will remain on in an advisory capacity. This is a major benchmark in data breach fallout, as Steinhafel, a 35-year veteran of the company, is the first CEO of a major corporation to lose his job over a breach of customer data. And given how lax most retailers are about their security (they spend, on average, only 6% of revenues, vs. 15% for banks), he won’t be the last.
If you are one of the 40 million customers who have used a credit or debit card at Target stores in the United States between November 27 and December 15, you’d better start checking your accounts for fraudulent activity. Target confirmed that the data stored on the magnetic strip of cards (customer names, debit or credit card numbers, and card expiration dates) were taken, along with the three-digit security codes (CVVs) often imprinted on the backs of cards.
The type of data stolen would allow thieves to create counterfeit credit cards and, if pin numbers were intercepted, would also allow thieves to withdraw cash from ATM machines. Only in store purchases are at risk, so online shoppers need not worry.
Target spokeswoman Molly Snyder would not comment on how customers’ data were stored or encrypted prior to the attack, saying that would be part of the ongoing investigation. Target immediately notified law enforcement authorities and financial institutions, and the issue is being investigated by the Secret Service and a third-party forensics firm.
Get monthly strategies and tips for protecting yourself and your business delivered right to your Inbox. Signup now and you'll immediately receive John's 7 Survival Strategies for Starving Data Spies!