Target CEO Gregg Steinhafel stepped down Monday in the wake of a massive, pre-Christmas data breach that resulted in the theft of 40 million debit and credit card numbers, as well as the potential exposure of personal information of up to 70 million shoppers.
Here’s a timeline of events leading up to Steinhafel’s departure.
1999: Steinhafel named president after 20 years with the company during which he held numerous merchandising and operating positions.
2007: Steinhafel named to Target’s board of directors.
May 2008: Steinhafel named president and CEO.
January 2009: Steinhafel named chairman of Target’s board.
Dec. 19, 2013: Target acknowledges that data connected to about 40 million credit and debit card accounts was stolen as part of a breach that began over the Thanksgiving weekend. The theft marks the second-largest credit card breach in U.S. history. Steinhafel issues a statement of apology the following day.
Jan. 10, 2014: Target announces that in addition to the credit and debit card numbers, personal information — including phone numbers and email and mailing addresses — were stolen from as many as 70 million customers in the breach, putting them at risk of identity theft.
The chain also said its sales had been hurt by the breach, cutting its forecast for fourth-quarter earnings and a key sales barometer.
Jan. 29, 2014: Target says investigators found that hackers stole credentials from a vendor to access the retailer’s systems. It did not identify the vendor at the time, but a Pittsburgh-area heating and refrigeration business that did business with Target later came forward to say that it also was the victim of a sophisticated cyberattack.
Feb. 26, 2014: Target says its fourth-quarter profit fell 46 per cent on a revenue decline of 5.3 per cent as customers became spooked about the safety of their private data.
While Target said sales have been recovering since the breach, it expects business to be muted for some time. It issued a profit outlook for the current quarter and full year that was below Wall Street expectations.
March 5, 2014: Chief Information Officer Beth Jacob resigns, first executive caught up in the fallout of the breach.
April 29, 2014: Bob DeRodes, who has 40 years of experience in information technology, is named as new chief information officer.
The company also says that MasterCard Inc. will provide its branded credit and debit cards with the more secure chip-and-PIN technology that it says will be coming out next year. That will make Target the first major U.S. retailer that will have its own branded cards with such technology.
May 5, 2014: Target announces Steinhafel’s departure and names Chief Financial Officer John Mulligan as interim president and CEO.