Next Score View the next score

    Target executive quits after data breach

    Target reported disappointing earnings last week after a massive data breach during the Christmas season. The company spent $61 million on expenses related to the breach.
    Jeff Haynes/REUTERS
    Target reported disappointing earnings last week after a massive data breach during the Christmas season. The company spent $61 million on expenses related to the breach.
    Target/Associated Press
    Target Chief Information Officer Beth Jacob resigned Wednesday.

    NEW YORK — Target said Wednesday its chief information officer had resigned, the first high-level executive to depart after an enormous breach of customer data late last year that put a dent in profits.

    The company will hire an interim information officer while it searches for an outsider to replace Beth M. Jacob, said Gregg Steinhafel, Target’s chief executive.

    “While we are still in the process of an ongoing investigation, we recognize that the information security environment is evolving rapidly,” Steinhafel said. “To ensure that Target is well-positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target.”


    In her letter of resignation, Jacob said she was stepping down “effective immediately,” but she made no mention of the data breach.

    Get Talking Points in your inbox:
    An afternoon recap of the day’s most important business news, delivered weekdays.
    Thank you for signing up! Sign up for more newsletters here

    “This is a difficult decision after 12 rewarding years with the company I love,” Jacob said. “But this is a good time for a change.”

    Jacob first joined Target in 1984 as an assistant buyer, according to the Target website. She left the company for a time, and then returned in 2002. She had been vice president of Target Technology Services and chief information officer since 2008.

    On Dec. 19, during the final days of the holiday shopping season, the company publicly confirmed that credit and debit card information for 40 million of its customers had been compromised. A few weeks later, the company said another batch of data, personal information on some 70 million customers, had been stolen as well.

    The breach at Target was believed to have been perpetrated by a group of criminals in Eastern Europe who installed malware on the company’s system to siphon away customer information, according to two people involved in the investigation who were not authorized to speak publicly.


    One law enforcement official said the criminals were believed to have gained access to Target’s system using the login credentials of one of the retailer’s vendors, a Pennsylvania-based company that provided air conditioning, heating, and refrigeration services.

    Since the Target breach became public, several other retailers have acknowledged the theft of customer information, including Neiman Marcus and Michaels. On Wednesday, Sally Beauty, which sells beauty products at 2,600 stores across the United States, said it was investigating a possible breach.

    So far, the Target breach appears to have affected the most people. The breaches at Target and Neiman are believed to have been perpetrated by the same group of criminals, who also sought data from other retailers.

    Target reported disappointing earnings last week, with fourth-quarter profit down 46 percent from the same period the year before. Executives said those results were partly because of a steep drop in sales and traffic after the breach became public.

    To lure back shoppers, Target was forced to offer unplanned discounts, such as 10 percent off purchases in its stores during the last weekend before Christmas, which also took a bite out of its profit. The company spent $61 million on expenses related to the breach during the fourth quarter and said it expected to receive $44 million in insurance payments.


    On Wednesday, Target said it would be hiring a new chief compliance officer. Ann Scovil, head of compliance and risk assurance, will retire at the end of the month, said a spokeswoman, and her job will be split between two people. Target, which historically has hired internally, will be looking outside the firm for at least one of those positions.

    The company is also working with Promontory Financial Group to help it “evaluate our technology, structure, processes, and talent as a part of this transformation,” Steinhafel said.