Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Bloomberg View

Why the Target Data Hack Is Just the Beginning

It took only a month. Target (TGT) first divulged a breach involving 40 million credit and debit card accounts on Dec. 19. It later revealed that information on 70 million customers—including names, addresses, and phone numbers—had also been hacked.

Customers are fuming. State regulators are investigating. Congress is demanding an inquiry. Lawsuits are piling up. Gregg Steinhafel, Target’s chief executive officer, attempted to make amends in an open letter to customers. Target plans to form “a coalition to help educate the public on the dangers of consumer scams,” the letter says, and it hopes to “accelerate the conversation—among customers, retailers, the financial community, regulators, and others—on adopting newer, more secure technologies that protect consumers.”

Steinhafel is onto something important with his call for better technology. The most important step U.S. retailers can take in response to this breach (Neiman Marcus Group and several other merchants were also hacked at about the same time) would be to speed adoption of encrypted smart-chip credit cards, which are more secure than the antiquated magnetic-stripe cards most Americans use. The U.S. has been a laggard in adopting the technology, which can significantly reduce counterfeiting scams, the largest kind of credit card fraud. Card companies and retailers plan to reform fraud liability in ways that will encourage the smart-chip cards, but not until the end of 2015.

Retailers should encrypt the data that moves between their cash registers and financial institutions. They should make use of multilayered security procedures, which can help ensure employees don’t accidentally compromise company data. And they should share information about software vulnerabilities and supply-chain risks with their competitors. Companies can no longer afford to think of cybersecurity as an issue only for the guys in IT. Because if there’s one thing all retailers know, it’s that there will be a next time.

To read Albert R. Hunt on Ben Bernanke’s legacy and William Pesek on unifying the Koreas, go to:

blog comments powered by Disqus