NEW YORK – Target’s massive data breach has now cost the company’s CEO his job.
Target announced Monday that Chairman, President and CEO Gregg Steinhafel is out nearly five months after the retailer disclosed the breach, which has hurt its reputation among customers and has derailed its business.
The nation’s third-largest retailer said Steinhafel, a 35-year veteran of the company and CEO since 2008, has agreed to step down, effective immediately. He also resigned from the board of directors.
A company spokeswoman declined to give specifics on when the decision was reached.
Shares fell nearly 2 percent in pre-market trading Monday.
The departure suggests the company is trying to start with a clean slate as it wrestles with the fallout from hackers’ theft of credit and debit card information on tens of millions of customers. The company’s sales, profit and stock price have all suffered since the breach was disclosed.
Target, based in Minneapolis, said Chief Financial Officer John Mulligan has been appointed interim president and CEO. Roxanne S. Austin, a member of Target’s board, has been named as interim nonexecutive chair of the board. Both will serve in those roles until permanent replacements are named.
Steinhafel will serve in an advisory capacity during the transition. Jim Johnson remains lead independent director on the board.
Steinhafel’s tenure has been rocky. The company has struggled with its expansion into Canada, its first foray outside of the U.S. The company, known for its cheap chic clothing and home decor, also has seen uneven sales since the recession ended as it confronts fierce competition.
Under Steinhafel’s leadership, the company has expanded into fresh groceries and offered a 5 percent discount to customers who use its branded debit and credit cards. But clearly the breach was a big black eye on Steinhafel’s term.
“The last several months have tested Target in unprecedented ways,” Steinhafel wrote in a letter to the board that was made available to The Associated Press. “From the beginning, I have been committed to ensuring Target emerges from the data breach a better company, more focused than ever on delivering for our guests.”
Steinhafel’s departure comes two months after the company announced that Chief Information Officer Beth Jacob resigned and outlined a series of changes it was making to overhaul its security systems and its security department.
Last week, Target named Bob DeRodes, who has 40 years of experience in information technology, as its new chief information officer. Target said it is continuing its search for a chief information security officer and a chief compliance officer.
Target also said last week that MasterCard Inc. will provide branded credit and debit cards with a more secure chip-and-PIN technology next year. That will make Target the first major U.S. retailer that will have store cards with this technology.
Steinhafel has been facing increasing pressure since it was revealed on Dec. 19 that a data breach compromised 40 million credit and debit card accounts between Nov. 27 and Dec. 15. Then on Jan. 10, the company said hackers also stole personal information – including names, phone numbers as well as email and mailing addresses – from as many as 70 million customers.
The company’s board has been meeting with Steinhafel monthly instead of quarterly to oversee Target’s response to the breach.
When the final tally is in, Target’s breach may eclipse the biggest known data breach at a retailer, one disclosed in 2007 at the parent company of TJ Maxx that affected 90 million records.
Target reported in February that its fourth-quarter profit fell 46 percent on a revenue decline of 5.3 percent as the breach scared off customers.
Target’s sales have been recovering as more time passes, but it expects business to be muted for some time: It issued a profit outlook for the current quarter and full year that missed Wall Street estimates because it faces hefty costs related to the breach.
Target’s shares have been volatile and are down 2.5 percent since the breach was disclosed. Shares fell $1.06 to $60.95 in premarket trading.
Here’s a timeline of events leading up to Steinhafel’s departure.
1999: Steinhafel named president after 20 years with the company during which he held numerous merchandising and operating positions.
- 2007: Steinhafel named to Target’s board of directors.
- May 2008: Steinhafel named president and CEO.
- January 2009: Steinhafel named chairman of Target’s board.
- Dec. 19, 2013: Target acknowledges that data connected to about 40 million credit and debit card accounts was stolen as part of a breach that began over the Thanksgiving weekend. The theft marks the second-largest credit card breach in U.S. history. Steinhafel issues a statement of apology the following day.
- Jan. 10, 2014: Target announces that in addition to the credit and debit card numbers, personal information – including phone numbers and email and mailing addresses – were stolen from as many as 70 million customers in the breach, putting them at risk of identity theft.
- The chain also said its sales had been hurt by the breach, cutting its forecast for fourth-quarter earnings and a key sales barometer.
- Jan. 29, 2014: Target says investigators found that hackers stole credentials from a vendor to access the retailer’s systems. It did not identify the vendor at the time, but a Pittsburgh-area heating and refrigeration business that did business with Target later came forward to say that it also was the victim of a sophisticated cyberattack.
- Feb. 26, 2014: Target says its fourth-quarter profit fell 46 percent on a revenue decline of 5.3 percent as customers became spooked about the safety of their private data.
- While Target said sales have been recovering since the breach, it expects business to be muted for some time. It issued a profit outlook for the current quarter and full year that was below Wall Street expectations.
- March 5, 2014: Chief Information Officer Beth Jacob resigns, first executive caught up in the fallout of the breach.
- April 29, 2014: Bob DeRodes, who has 40 years of experience in information technology, is named as new chief information officer.
- The company also says that MasterCard Inc. will provide its branded credit and debit cards with the more secure chip-and-PIN technology that it says will be coming out next year. That will make Target the first major U.S. retailer that will have its own branded cards with such technology.
- May 5, 2014: Target announces Steinhafel’s departure and names Chief Financial Officer John Mulligan as interim president and CEO.
- Name: Gregg W. Steinhafel
- Age: 59
- Hometown: Milwaukee, Wisconsin
- Education: Bachelor’s degree from Carroll University, Waukesha, Wisconsin; Master’s degree from Northwestern’s Kellogg School of Management
- Career: A 35-year veteran of Target, he began as a merchandise trainee in 1979 and held a variety of merchandising and operational management positions. He became president in 1999, CEO in 2008 and chairman in 2009.
- Other info: Steinhafel also serves on the boards of The Toro Co. and TreeHouse, a Minnesota nonprofit. He is a member of the Business Roundtable, Business Council and the Minnesota Business Partnership.
- Family: Married with three children.