Target CEO Apologizes For Hack, Explains 4-Day Delay For Alerting Customers

We have a feeling Steinhafel made a similar face when he heard about the data breach on Dec. 15.

We have a feeling Steinhafel made a similar face when he heard about the data breach on Dec. 15.

As you all know, between Black Friday weekend and December 15, Target’s in-store credit and debit card processing system was compromised, allowing attackers to make off with more than 100 million card numbers and other information. Last night, Target CEO Gregg Steinhafel went on TV to (repeatedly) apologize and to explain why Target didn’t acknowledge the hack until Dec. 18.

“I found out on Sunday [Dec. 15],” recalls Steinhafel in an interview with CNBC. “Sunday was really day one… That was the day we confirmed we had an issue, and so our number one priority was to do the right thing for the guests. It was about making our environment safe and secure. We worked very hard on that and by six o’clock that night, our environment was safe and secure. We eliminated the malware… we were very confident that coming into Monday, guests could come to Target and shop with no risk.”

Steinhafel says that the second day, Dec. 16, “was about initiating the investigation, and the forensic work,” a process that is still ongoing as no specific culprits have been identified.

The third day was about preparing for the onslaught of questions and negative publicity the hack news would bring.

“We wanted to make sure our stores and our call centers would be as prepared as possible,” explains the CEO.

And then finally, on the fourth day, with a little help from cybersecurity journalist Brian Krebs and others, Target unleashed the bad news to the public.

“Throughout that four day process — to some people it probably felt longer than that — we worked around the clock to try and do the right thing, to be transparent, truthful and then share what we knew as quickly as we could,” says Steinhafel, who apologized for, among other things, the hack and for the difficulties that many customers had reaching the retailer’s customer service line in the wake of the hack.

Steinhafel once again stressed to customers that “We are responsible, we’re accountable for all of it, and we want to make that crystal clear to everybody that’s shopped in our store… They have zero liability.”

Yesterday, the company also announced that it is offering a year of free credit monitoring to everyone who shopped at a U.S. target store. You can get more details on that here.

While Target’s reputation has been soured by the massive data breach, the retailer’s stock price is only down slightly from where it was before the hack. It will take months to see if this gaffe leaves a long-lasting stain on the store’s business.

Read Comments2

Edit Your Comment

  1. ShadyTrust says:

    How about apologizing for requiring employees to scan someone’s ID just to check their age and, you know, stopping doing it?

    • robinm says:

      Ouch.. they don’t do that where I live (Fort Worth, TX area)… I wonder if that’s a regional thing :-/