Target CEO Gregg Steinhafel to step down over December data breach

The chief executive of US retail chain Target has become the first boss of a major corporation to lose his job because of data theft, in a move that underscores the severe implications of computer security breaches for top corporate bosses.

Gregg Steinhafel, who was also president and chairman, exits after nearly five months following Target Corp disclosing a large pre-Christmas breach in which hackers stole millions of customers' credit- and debit-card records. The chain's reputation and )profits took a major hit from the breaches (See: Citibank to replace all debit cards involved in Target data breach).

The 35-year company veteran and chief executive since 2008, also resigned from the board of directors, Target said yesterday.

The Boston Globe quoted Cynthia Larose, chair of privacy and security practice at the law firm Mintz Levin as saying Steinhafel was the public face of the breach. She said, the company struggled to recover from it, and added that it was a new era for boards to take a proactive role in understanding what the risks were.

According to commentators, the departure of Steinhafel, 59, suggested the company wanted a clean slate as it wrestled with the fallout of the breach. However, the resignation comes at a time when the 1,800-store chain was faced with several challenges.

Meanwhile John Mulligan, Target's chief financial officer, will take over as interim CEO while the company sought a permanent chief, according to a statement. Former DirecTV executive and board member Roxanne Austin, would be interim chairman, Bloomberg reported.

Steinhafel, was already under scrutiny for not being able to make dent the competition in e-commerce and overseeing a Canadian expansion that lost around $1 billion last year. The pressure grew more intense over the holiday season, when hackers breached Target's defenses and stole shoppers' personal information.

According to Les Berglass, founder and CEO of Berglass & Associates, a New York-based executive-search firm, failure was not one big mistake, failure was lots of small mistakes that added up to a big mistake.

In March, Bloomberg Businessweek reported that the retail chain had ignored warnings from its hacker-detection tools and missed an opportunity to stop the attack sooner. The breach concerned 40 million credit card numbers as also 70 million addresses, phone numbers and other pieces of information.

After the attack became public knowledge in December, the company's reputation and foot traffic suffered heavily with the Minneapolis-based company's US comparable-store sales dropping 2.5 per cent in the fourth quarter.