As Data Breach Woes Continue, Target's CEO Resigns

Target CEO Gregg Steinhafel checks out Black Friday sale items on Nov. 22, 2012, in Bloomington, Minn. Photograph by Janet Hostetter/AP Images for Target

Target’s chairman and chief executive officer, Gregg Steinhafel, a 35-year company veteran, is stepping down, as the massive pre-Christmas data breach suffered by the Minnesota retailer continues to roil the company. The decision is effective immediately, according to a statement posted today on the company’s website. John Mulligan, Target’s chief financial officer, has been appointed as interim president and CEO.

Steinhafel “held himself personally accountable and pledged that Target would emerge a better company,” following the breach, the statement said. “We are grateful to him for his tireless leadership and will always consider him a member of the Target family.”

The breach shook customer confidence in the company following an announcement that hackers had stolen 40 million debit and credit card numbers from the retailer’s data banks as well as the personal data of as many as 70 million Target customers. In March, Bloomberg Businessweek reported that the company had failed to act even though its security systems had detected the hackers before any of the data were removed.

The company has yet to announce the results of a months-long internal investigation into the breach, which may provide an account of how the hackers were able to penetrate the retailer’s supposedly secure point-of-sales systems as well as other critical parts of the company’s computer network. Outside auditors are also examining possible security failures at the company, a process that could significantly increase the cost of the breach by shifting liability from bank card issuers to the retailer.

Last month the company hired a new chief information officer, replacing another Target veteran who had risen through the company ranks with an outsider with long experience in securing credit, online, and mobile payments systems.

Mulligan, the interim CEO who represented the company in testifying about the data breach before Congress, is as much of a Target insider as Steinhafel. He joined Target in 1996 as a financial analyst, becoming director of Finance and then capital investments. In 2010 he took the lead in accounting and financial operations. His MBA is from the University of Minnesota.

Brian Yarbrough, an analyst for Edward Jones & Co. in St. Louis, called the data breach “the final straw,” adding to concerns about lackluster U.S. sales and a Canadian expansion that’s lost three times the money Target initially expected.

“The business has been struggling, the Canadian operation, and then you throw on top of that this massive data breach and the board probably sat down and said, it’s time for some change here,” said Yarbrough.

Steinhafel joined Target in 1979, and rose through the ranks in the company’s merchandising operations to become executive vice president of that division in 1994. He was named president of Target in 1999, and joined the board in 2007.