Scrambling to tamp down consumer outrage over the theft of credit and debit card data from more than 40 million of its customers, Target announced Friday that it would offer a 10 percent discount on purchases inside its stores Saturday and Sunday — the final shopping weekend of the holiday season.
Target, one of the nation’s largest retailers, tried to assuage consumers’ worries by saying that the company so far had found no evidence that secret security PINs or codes had been exposed. Target had already said that credit and debit card numbers, names and other data had been hacked from cards during a brisk time in sales — Nov. 27 through Dec 15.
It is also offering free credit monitoring, according to the Associated Press.
But according to numerous people who monitor such frauds, there were reports that some customer data had begun to flood the black market Friday.
In a statement, Gregg W. Steinhafel, Target’s chief executive, apologized, acknowledging that consumers trying to get information from the retailer’s website or telephone hotline were having trouble getting through.
On the company’s Facebook page, people made their frustrations known.
“As long as I’m on hold, I’ll promote Walmart,” one person wrote.
Steinhafel tried to reassure customers that the company would offer not only discounts but also credit monitoring for all affected.
“Our guests’ trust is our top priority at Target and we are committed to making this right,” he said in the statement. “We want our guests to understand that just because they shopped at Target during the impacted time frame, it doesn’t mean they are victims of fraud. In fact, in other similar situations, there are typically low levels of actual fraud. Most importantly, we want to reassure guests that they will not be held financially responsible for any credit and debit card fraud.”
It was unclear whether shoppers were steering clear of Target’s stores, but the discount offer clearly signaled that the retailer feared losing significant revenue at a critical time of the year, when retail trade groups estimate that as much as 20 to 40 percent of a company’s overall annual sales can be made. Target executives had already indicated this year that they were worried that a sluggish economy and stagnant wages would combine for a lackluster holiday season.
Steinhafel’s statement was released Friday just after the markets closed, announcing that Target would be putting much of the store on sale. (A few items are exempt, such as prescriptions and many top-selling electronics — like Bose and Apple products, and PlayStation 4 and Xbox One consoles. The offer is good for one shopping spree per customer.)
Some analysts, however, wondered whether a 10 percent markdown would be enough to draw customers back into the stores.
“That’s the ultimate question,” said Ken Perkins, founder of Retail Metrics. “Given how deep discounts have been across the retail landscape this holiday season, I don’t know if that moves the needle that much. Twenty percent might have drawn serious interest, but 10 percent? I don’t know.”
Target, with nearly 1,800 stores and $73 billion in revenue reported last year, would not release information on the effect that the hacking news has had on its sales or its traffic, but outrage was ricocheting around the Internet. Customers complained that the company was not doing enough and that they were encountering error messages while trying to check their Target REDcard accounts online.
John Kenyan, a REDcard holder, said in an email that when he had tried to check his account for fraudulent activity, the account had listed only the total purchase amount, the date and the store, without listing the individual items purchased. “This makes it almost impossible to check for fraud,” Kenyan said.
Craig Johnson, president of Customer Growth Partners, a retail consulting and research firm, said Target’s handling of the news had been “less than nimble,” because while the company had become aware of the problem Dec. 15, word first reached its customers days later when a blogger broke the news.
“You’ve got to get out in front of this news,” Johnson said. “Their customers heard about it from the media, rather than from they themselves.”
While the 10 percent discount would help somewhat, he pointed out that some apparel stores would offer 50 percent discounts in the coming days.
On Dec. 11, one week after hackers breached Target’s systems, EasySolutions, a company that tracks fraud, noticed a ten- to twentyfold increase in the number of high-value stolen cards on black market websites.
The black market for credit card and debit card numbers is highly sophisticated, with numerous card-selling sites that are indistinguishable from an e-commerce site. Many sell cards in bulk to account for the possibility of cancellations. Some go for as little as a quarter apiece. Corporate cards can sell for as much as $45.
But the security blogger Brian Krebs, who first broke news of the Target security breach, said the high-value cards of some Target customers were selling for as much as $100 on exclusive black market sites.