Target Crisis Case Study

Target Corporation Credit Card Crisis: An Analysis of Targets Response to a Data Breach in
November 2013
Target Corporation Credit Card

Crisis
An Analysis of Targets Response to a Data Breach in

November 2013
Arthur W. Page Society

2015 Case Study Competition
November 2013
TABLE OF CONTENTS
I.
CASE STUDY
1. Overview
2. A Brief History of the Target Corporation

2.1 Target Corporation Background
2.2 Target Corporation Profile
2.3 Previous Target Controversies
3-5
3-4
4
4-5
3. The Credit Card Crisis of 2013
5-6
4. Timeline of Events
6-7
5. Company Response
5.1 Letter from President/ CEO
5.2 Updated Website
5.3 Facebook
5.4 REDcard
5.5 Free Credit Monitoring Service
7-9
7
7
8
8-9
9
6. CEO Resigns
9-10
7. Financial Impact
10-12
7. What Happens Next?
13-14
II.
APPENDICES
14-20
III.
REFERENCES
21-23
November 2013
I. CASE STUDY
1. Overview
In November 2013, during the midst of holiday shopping, customers of Target stores got caught
up in what would soon be known as one of the biggest corporate public relations crises of 2013.
From November 27 to December 15 of 2013, 70 million credit and debit card accounts of Target
customers were affected by a data breach.
This data breach created stress and anxiety for Target customers about the safety of their
payment information. It also brought a steep decline in sales and jeopardized Target customers
trust in the company. For that reason, Target responded to communicate that it was doing its best
to address the issue so that customers could shop with confidence again.
In response to the credit card data break that took place at Target stores in the United States, the
company implemented a variety of steps to try to fix the trust problems created between the
corporation and its customers. Target President and CEO Gregg Steinhafel sent a letter to all
Target guests, the company created a new section on its website called Data Breach FAQ,
Target sent information out to customers through Facebook, and provided incentives to
customers who use the Red Card. It even offered a free one-year credit monitoring service to
all customers affected by the data breach.
The Target Credit Card Crisis is a case study of how Target responded to its crisis with a prompt
apology and with transparency in its communications with its customers through multiple
channels, offline and online.
2. A Brief History of the Target Corporation
2.1 Target Corporation Background
Targets Corporation promise is simple: Expect More. Pay Less. The company was founded
by George Draper Dayton in the late 1800s. By 1902, after years of research, he purchased land
in Minneapolis, Minnesota, and opened Dayton Dry Goods Company, which is now known as
Target. According to Target website, His store soon becomes known for dependable
merchandise, fair business practices and a generous spirit of giving (Target through the Years).
He remained active as the president of the company until he died in 1938, when his sons and
grandsons took over and grew the company into a nationwide retailer over many years.
Since the founding of Target, the spirit of giving established by Dayton has lived on. In 1946,
The Dayton Company began the practice of giving five percent of pretax profits back to the
community, which helped the company gain credibility as a reliable retailer (Target through the
Years). By the 1950s and early 1960s, the company opened up branch locations in the suburbs of
Minnesota and continued to grow. In May of 1962, guests in the Twin Cities area wake to the
3
November 2013
news of Target's first grand opening in Roseville, Minn. Created as a store you can be proud to
shop in, a store you can have confidence in, a store that is fun to shop and exciting to visit,
(Target through the Years). By the end of 1962, Target opened additional locations in St. Louis
Park, Crystal and Duluth, Minnesota.
By the end of the 1970s, Target achieved huge success in the retail industry. In 1979 Target
achieved $1 billion in annual sales and celebrated by holding its first Billion Dollar Sale for
guests. The Billion Dollar Sale thanked all Target customers that visited the current 74 stores in
11 states, which were open in 1979, to help Target strive to be the best store in the community
(Target through the Years). At the end of the 20th century, Target stores were open in 47 states
in the US and by 2005, the company exceeded $50 billion in annual sales. Today, Target is still
known as a company that is successful, but remains grounded through the spirit of giving (Target
through the Years). According to the company website, in 2012, company giving reached about
$4 million a week to aid in the fight against hunger, disaster preparedness and relief efforts,
support for the arts and education in general (Target through the Years). Because of such huge
success in the US market, Target recently opened stores on the Canadian border to globalize its
company and extend its mission outside American borders.
2.2 Target Corporation Profile
A huge part of Targets success is its unique mission. Its mission and values work together to
create connections and conversations both inside and outside its company. According to Targets
website, the mission is as follows:
Our mission is to make Target your preferred shopping destination in all channels by
delivering outstanding value, continuous innovation and exceptional guest experiences by
consistently fulfilling our Expect More. Pay Less. brand promise,
(AboutCorporate).
In addition to its mission, the Target brand is very dedicated to following values that represent its
goals as a company:
1.
2.
3.
4.
5.
6.
Design for All

Celebrating Diversity & Inclusion
Great Guest Service
More for Your Money
A Legacy of Giving and Service
A Fun and Rewarding Place to Work (AboutCorporate).
Through the combination of its unique mission and values, Target has established itself as a
family name. Throughout the United States, the company has a solid reputation; Target is a
reliable retail store and supermarket that is dedicated to helping the community through
charitable giving and service. This reputation has allowed it to be successful over the past
century. Although the company has had a good reputation historically, that does not mean that
the company is immune to the various controversies that impact the retail world over and over
again.
4
November 2013
2.3 Previous Target Controversies
In 2010, Target came under fire from gay-rights groups for donating $150,000 to the group MN
Forward, which ran ads for a Republican candidate who opposed same-sex marriage. Gay-rights
groups were so outraged that they called for a boycott of all Target stores at the time. According
to CBS News, Chairman and Chief Executive Gregg Steinhafel wrote to employees that the
company was genuinely sorry the donation upset some people. Steinhafel also said the company
would set up a review process for future political donations and that Target's support of the gay
community is unwavering" (Condon). He added that the company's political donation was
intended to promote certain pro-business policies, not any position on social issues.
Target experienced a lot of backlash yet again in the spring of 2014 after it published pictures on
its website that had clearly been photoshopped (Feldman). At the time, the companys website
featured a photo of a teen model wearing a juniors swimsuit. In what appears to be an attempt to
make her legs look longer and bottom half look smaller, a photo editing error eliminated a piece
of her crotch, in addition to many other obvious errors like elongated arms (Feldman). (See
appendix one). According to the Huffington Post, as soon as online shoppers noticed the errors,
the photo was taken down from the company website immediately. Target released a statement
in response to the situation that read, In response to your query about the swimsuit image on
Target.com, this was an unfortunate error on our part and we apologize. We have removed the
image from our Web site. It was the result of a photo editing error on our part," (Feldman). In
order to make light of the situation, the company had the model featured in the photos appear on
the Ellen Show shortly after the Photoshop fail was revealed in the media. During her
appearance, she joked with the host about her confusion surrounding the controversy, as she
sipped on coffee with long, fake arms (The Long Arm of the Model). Because mistakes like this
happen all-too-frequently in the world of retail, many companies, such as American Eagle, have
launched campaigns that feature completely natural and un-retouched models to show their
dedication to promoting positive body image (Dockterman). Since this Photoshop error occurred
in 2014, Target has been doing damage control to convince its publics that the company, too, is
dedicated to promoting a healthy female body image.
Over the extensive and successful history of Target, the company has certainly been involved in
more controversies than what is listed above. Even the most successful companies in the retail
world make mistakes and come under fire when anything unfavorable happens within its
jurisdiction. Still, no other controversy in Target history is better known or infamous than the
Target Credit Card Scandal of 2013.
3. The Credit Card Crisis of 2013
In 2013, Target said that about 40 million credit and debit card accounts had been affected by a
data breach that occurred just as the holiday shopping season got into full swing
(Target...Breach). Target said that the accounts of customers who made purchases by swiping
their cards at stores in the U.S. between Nov. 27 and Dec. 15 could possibly have been exposed
to this scandal (Target...Breach). The data stolen from the cards included customers names,
credit and debit card numbers, card expiration dates and the three-digit security codes located on
November 2013
the back of the cards. This data breach only affected in-store shoppers; it did not affect online
purchases (Target...Breach).
Target did not explain exactly how the data breach occurred, but it fixed the problem
immediately so that credit card holders could continue shopping at its stores (Target...Breach).
When asked whether there was a certain time when shoppers would know if their accounts were
no longer vulnerable, a Target spokeswoman said, We encourage everyone to be vigilant,
(Target...Breach). Target advised customers to check their credit card statements carefully. Those
who suspected that there had been unauthorized activity on their cards were told to notify their
credit card companies as well as Target immediately (Target...Breach).
With the news of this breach coming out at the height of the critical holiday shopping season,
shoppers were worried about the safety of their personal data (Target...Breach). For Target, the
security breach was a particular black eye because the company had used its trademarked Red
credit and debit cards as a powerful marketing tool to lure shoppers in ever since uneven sale
performances happened as a result of the recession (Target...Breach).
Red credit and debit cards are such a strong marketing tool because, since 2010, Target offered
shoppers who use these cards five percent off their purchases along with other incentives such as
free shipping for online purchases (Target...Breach).
Target did everything to ensure that sales did not take too much of a hit after the discovery of
this security breach, but shoppers who felt unsafe took their business elsewhere or decided to pay
in cash. Targets first priority was preserving its guests trust and confidence, so the company
moved swiftly to address this issue so that its guests could continue to shop at Target with
confidence (Target...Breach).
4. Timeline of Events (As published in the Wall Street Journal and by news agency Reuters)
November 27 - December 15, 2013: Data hack at United States Target stores exposes as many
as 40 million credit and debit-card customers to potential fraud.
December 18, 2013: News of the data hack is reported by KrebsOnSecurity, a blog specializing
in data and security. The Wall Street Journal also reports that the Secret Service is investigating.
December 19, 2013: Target Corporation confirms the breach of credit-card information publicly,
stating that the incident is under full investigation. The retailer is flooded with customer service
calls from customers who are attempting to protect their data.
December 20, 2013: Target releases a statement saying it has received very few reports of
credit-card fraud extending from the security breach. The statement also says the company has
no indication that any birth dates or social security numbers were stolen.
December 21, 2013: J.P Morgan Chase enforces daily limits on spending and withdrawals as it
works to reissue cards to Target customers affected by the breach. A spokeswoman for Target,
Molly Snyder, says that the company is working to help customers change debit card PIN
numbers and obtain detailed credit reports to give them peace of mind.
6
November 2013
December 22, 2013: Target stores take a sales hit in the wake of the security breach, with
transactions down by 3-4% on the last weekend of holiday shopping before Christmas.
December 23, 2013: Tim Baer, Targets general council, hosts a conference call with state
attorneys general from around the US to talk about the data breach. The U.S. Department of
Justice, the Secret Service and a third-party forensics unit launch a full investigation.
December 27, 2013: The ongoing investigation reveals that that encrypted debit card PIN
information was accessed during the breach, though Target says it believes PIN numbers remain
safe.
January 10, 2014: Target says that some additional 70 million customers had their personal
information stolen during the holiday data breach. The stolen information may include names,
mailing addresses, phone numbers, or emails. The retailer also lowered its outlook for its fiscal
fourth quarter, saying sales were meaningfully weaker than expected after news of the data
breach was disclosed (Germano).
August 2014: The impact on Targets sales and stock price is so strong that its president/CEO,
Gregg Steinhafel, is forced to resign. He is replaced by Brian C. Cornell.
August 2015: Target agrees to pay up to $67 million to financial institutions that issue Visa cards
as compensation for their losses. This happens after a proposal to pay $19 million to MasterCard
fails in May 2015 (Reuters).
September 2015: A federal judge allows a class action against Target, saying banks can pursue
their claims together over the breach. Target says it is analyzing what to do next. News agency
Reuters indicates in a news story that this ruling makes a settlement with the banks a likely
solution (Reuters).
5. Company Response
In response to Target Corporations Credit Card Crisis of 2013, the company took a variety of
steps to try to fix the trust problems between the corporation and its customers. The company
attempted to contact the affected buyers promptly. This communication was informational
regarding what steps the customer should take, and it also included general tips to guard against
consumer scams (Target ProvidesCorporate).
5.1 Letter from President/CEO
An immediate action taken by Target was that its President and CEO, Gregg Steinhafel, sent a
letter to all Target customers explaining the situation and the measures that the company was
taking in order to ensure continued trust from its customers (Steinhafel). The letter was sent to
7
November 2013
each customer and was also made public on November 20, 2013. In the letter, CEO Steinhafel
stated, Our brand has been built on a 50-year foundation of trust with our guests, and we want
to assure you that the cause of this issue has been addressed and you can shop with confidence at
Target (Steinhafel). (Please see appendix 2 for the full letter.)
5.2 Updated Website
Complementing the letter communication, Target took the measure to create a new section on its
website called Data Breach FAQ (Data Breach FAQ). This page was launched immediately
following the release of the letter from Steinhafel. It allowed customers to read information
about the data breach and to have the most relevant questions about the credit card situation
answered in one single webpage (Data Breach FAQ) (See appendix 3)
Adding this section to Targets website upon the discovery of the data breach allowed Target
customers to feel connected and begin to trust the company again, even after an impactful crisis
such as this one. Questions that customers asked included, What happened? Has the issue been
resolved? Does the information include social security numbers? How could Target let this credit
and debit card information get accessed? (Data Breach FAQ). The answers to all these
questions and more were featured on Targets website and can be seen in appendix 4.
5.3 Facebook Page
Target also kept the public informed through social media platforms such as Facebook.
Nonetheless, when it came to social media, Target was not very prompt at providing information
to the public. On Facebook, the first time that Target Corporation posted about the credit card
breach was on January 2, 2014, almost a whole month since Target found out about the breach
(Target). Each of Targets posts was aiming to gain trust back from its customers. For example
there was a post on January 2 that stated, After an event like a data breach, scams seeking
personal information are common. Here are tips on how to further protect yourself and steps
were taking to help. http://tgt.biz/Update (Target). As the month of January 2014 went on,
Target posted more links to information about the data breach investigation and about the deal
that Target would be offering its customers regarding free daily credit monitoring as well as a
free credit report (see appendix 5). The Facebook page also acted as a way for Target to respond
to customers comments and concerns left on their posts. For Target, its Facebook page was an
easy way to get information out to its customers and gain trust back from them by showing that it
was actively doing something to remedy the credit card breach.
5.4 REDcard
Since this crisis happened, and at a time when Target has had an uneven sales performance
because of it, the company has used the security breach to promote its Red credit and debit cards
8
November 2013
by enticing shoppers to use these cards instead of traditional credit or debit cards
(TargetBreach).
Since 2010, Target has offered shoppers who use its cards 5 percent off on purchases, and it has
offered other incentives like free shipping for online customers (TargetBreach). During this
breach, Target added other incentives to use its cards. For example, in November 2013,
Target.com ran a special review sale with 25 exclusive offers for those who used the REDcard.
As a result of these incentives, Target said it saw an increase on the spending level of about 50
percent among those customers who had a REDcard (TargetBreach).
5.5 Free Credit Monitoring Service
Target stores partnered with Experian, a leading worldwide information service program, to offer
free one-year credit monitoring and identity theft protection, also known as ProtectMyID (Yang
and Jayakumar), to all shoppers affected by the data breach (Data Breach FAQ). In addition,
Target offered to reissue cards upon request because the company wanted to make sure that
shoppers knew that they would have no liability for losses acquired as a result of the security
breach (George). When customers signed up for this Target-sponsored free credit monitoring
service, customers would receive daily credit card monitoring, identify theft insurance, and
assistance from a Fraud Resolution Agent. This offer applied to all Target guests who shopped in
U.S. stores during the breach (Data Breach FAQ).
If a customer signed up for this service, he or she would receive an email with an activation
code, instructions on how to activate the account and a sympathetic closing message reassuring
customers that Target apologized for any inconvenience that the breach may have caused
shoppers (please see appendix 6 to read the full email).
Once shoppers activated their account, they would receive a Welcome email from Experians
ProtectMyID service. This email welcomed customers as ProtectMyID members, provided them
with tips on how to maximize their protection, suggested ways on how to stay updated and
informed, and informed them on how Experians ProtectMyID helps protect its members. This
email helped ensure customers that they were in the best care possible (please see appendix 7 for
the full email). After a year of free credit monitoring service, customers would be asked to pay if
they wanted to continue the service or would have to drop the service all together (Data Breach
FAQ).
Naturally, Target sales dropped after this data breach discovery. Nonetheless, due to the
proactive public relations tactics implemented by the company in order to keep its customers
loyalty, it did not take long for its sales to go back up (see section 6: Financial Impact).
5.
CEO Resigns
9
November 2013
Gregg Steinhafel had been the CEO of Target since 2008. However, nearly five months after
Target announced its credit card breach, Steinhafel resigned as chief executive officer and from
Targets board of directors (D'innocenzio). Steinhafel was the public face of the breach, and the
company struggled to recover from it, said Cynthia Larose, chair of privacy and security practice
at law firm Mintz Levin (D'innocenzio).
Steinhafel and Targets board of directors both said in a statement that they decided its the
right time for new leadership at Target. In addition, the board mentioned that Steinhafel held
himself personally accountable for Targets damaged reputation and profits
(StatementDirectors). Essentially, Steinhafels resignation suggests that Target wanted a clean
slate as it battled the backlash from the credit card breach (D'innocenzio).
Brian C. Cornell eventually took over Gregg Steinhafels position in August 2014 (Wahba).
Before becoming CEO of Target, Cornell worked at Safeway from 2004 to 2007 as chief of
marketing, as CEO of Michaels Stores from 2007 to 2009, and then as CEO of Sams Club. At
each job he expanded the chains house brands. In addition, at Sams Club, Cornell reversed a
drop in sales and made it one of the fastest-growing divisions (Wahba).
Cornell implemented serious changes in Target as soon as he became its CEO. He started making
quick decisions, such as offering free online shipping during the holiday season. This decision
was made in a matter of days, when in the past it would have taken months (Wahba). Cornell has
kept on making many changes to Target ever since; for starters, he closed all stores in Canada so
that the company could focus on its U.S. business. He also asked customers for their opinions on
which signs were hard to read in the stores and on the stores lighting (Wahba). He then took
these conversations and used this qualitative data to identify problems and ways to fix them to
strengthen customer satisfaction. In addition, Cornell has been planning on bringing in more
brands to the stores and make Targets food selection more distinctive in order to increase sales
(Wahba). Cornell is giving himself and his team three years to implement these and other
changes to Target (Wahba). Even though each of these changes is not major, when put all
together in the following years, Cornell expects people will say, Boy, Target made a huge
transformation (Wahba).
Other transformations at Target are easily visible. For instance, Cornell eats in the companys
cafeteria to build stronger relationships with the staff, he opened Targets annual fall meeting to
the press, and the company created a lounge where employees can check out what merchandise
is new in stores and can bounce ideas off to one another in a relaxed environment (Wahba).
Therefore, not only has Cornell helped Targets economic environment and customer
satisfaction, but he has also helped the companys overall working environment.
10
November 2013
6.
Financial Impact
Even before the Credit Card Crisis of 2013, Target struggled with sales because the recession led
to increasingly frugal shoppers. In addition, the company struggled with its customers opinions
on appropriate prices (Data-breach...Profit). Although Target seems to be doing well, as of now,
it is hard to say if this breach will cause long-term problems for the department store chain
(Kim).
The information breach severely impacted Target financially. Forty million customers credit and
debit card information was stolen. In addition, roughly 70 million customers also had their
personal information taken. This resulted in two major lawsuits against Target, as well as state
and federal investigations, which severely damaged Target financially (Yang and Jayakumar).
According to Targets fourth quarter financial reports in 2013, the company expected an adjusted
Earnings Per Share (EPS) of $1.20 to $1.30, compared with prior estimates of $1.50 to $1.60.
The companys grim outlook at the time showed that, after the breach, Target assumed sales
would decline by 2.5 percent by the end of the fourth-quarter in 2013. Before the data breach, the
companys sales expectation reflected stronger-than-expected fourth-quarter sales, and after the
breach, sales were weaker than expected. Target sales continued to decline from 2 percent to 6
percent for the remainder of the quarter (An...Performance). Not only was there a drop in sales,
but there was also an expense increase due to the lawsuits that followed the crisis (Yang and
Jayakumar).
In addition to the financial impact, Target also experienced an impact on its reputation. After the
security breach, many customers no longer trusted Target as a place to shop. In a statement
released by Targets Chairman, President and CEO at the time, Gregg Steinhafel, he said,
Target's first priority is preserving the trust of our guests and we have moved swiftly to address
this issue, so guests can shop with confidence. We regret any inconvenience this may cause
(Target...Breach). Despite Steinhafels words, this crisis affected millions of people. More
importantly, the crisis happened during the holiday season. This caused a lot of consumer
concern. Unfortunately, one of Targets biggest public relations issues was that it did not
adequately implement a strategy to provide customers with the confidence they needed, as fast as
they needed it, to shop again at Target with their debit and credit cards.
When Target released its statement about the breach, it started out with the following, We
wanted to make you aware of unauthorized access to Target payment card data (Targets
Biggest Breach). Then, later on in the statement, regarding whether the issue had been
resolved, Target responded with the following assertion, Yes, Target moved swiftly to address
this issue so guests can shop with confidence. (Target's Biggest...Breach). At first, the company
did not include the details of the incident and some of the stepts that customers could take to
protect their personal information, which hindered Targets reputation. In the past and, in
11
November 2013
general, Target has held a good reputation regarding security in its stores, and it had been good
about communicating with its publics. However, in this situation, Target focused more on telling
customers what they wanted to hear in order to make them feel safe instead of telling them what
they needed to hear to protect their financial safety (Target's Biggest...Breach). This impacted the
2013 fourth-quarter profits and sales.
In an attempt to repair its reputation, a couple of days after the incident was disclosed, Target
offered a 10% discount on everything in the store to draw customers back and to make up for the
backlash caused by the massive data breach. However, customers were still not confident about
swiping their cards at Target just yet (Target...Hacking). Although offering a discount was
helpful to restore some damage, it was not enough to make customers feel safe about using their
cards in the store right away.
Target's data breach resulted in financial struggles and reputational costs, which both resulted in
damage to its stock price. Although it is no surprise, when Target announced the breach, Target
(NYSE: TGT) stock fell nearly 15 percent in the 12 months after the credit card crisis (Moylan
and Nelson). In just the fourth-quarter of 2013 alone, the breach resulted in $17 million in net
expenses, and as of February of 2014 there were $61 million in total expenses, balanced by $44
million in insurance payouts (Data-breach...Profit) (Kim). Performance in the stock market is a
very valuable indicator that reflects the future value and the overall perception of the
corporation, which means that such a sharp drop in the stock price is definitely a challenge.
Please see appendix 8 for a picture from Yahoo Finance that displays the Target stock price from
October 2013 to March 2015. It is clear that the stock started dropping dramatically when Target
announced the breach and had to start facing additional expenses to fix the issues that resulted
from this crisis. However, since then, the stock has not only recovered as the impact of the Credit
Card Crisis of 2013 dissipated, but Target has actually increased its company value since then
(Target Corp. TGT).
Given the negative financial impact and the reputational damage that Target suffered at the time,
it is worth noticing how well the company has recovered, and how it has improved its former
financial and reputational status (please see appendix 9). This would indicate that people are now
looking beyond Targets credit card crisis, regardless of whether it is because of the actions
Target has taken, or because of other factors that could be at play, such as the general recovery of
the U.S. economy. Customers seem to trust Target again, and this has allowed Target to regain
its market share.
Still, the crisis is not totally over, and Target is still facing some financial consequences. For
example, in September of 2015, a federal judge allowed a class action against Target, saying that
banks can pursue their claims together over the breach. A Targets spokesperson said the
company is analyzing what to do next. News agency Reuters indicated in a news story that this
12
November 2013
ruling makes a settlement with the banks a likely solution (Reuters). Given Targets recovery, the
possible settlement with banks is not going to be a strong hit, but it demonstrates that this is a
long-term situation and the consequences of the breach are not over yet.
7.
What Happens Next?

Besides the many steps that Target took to regain trust among its shoppers and to maintain
security within its stores, there are also changes that credit card companies, in general, have been
planning and implementing to ensure security for consumers while using credit and debit cards,
especially because the Target Crisis is far from being the only credit- and debit-card scare in the
last decade.
For example, in late 2014, Home Depot reported a security breach where the information of 56
million credit and debit cards was stolen (Weise). In early 2007, TJX Company (which owns
brands like T.J Maxx and Marshalls) suffered a data breach that affected at least 94 million
customers. In 2013, White Lodginga company that upholds the Hilton, Marriott, Sheraton and
Westin hotel franchisesexperienced a credit card breach in its locations in Austin, Chicago,
Denver, Los Angeles, Louisville and Tampa. The breach only affected people who used their
card in the hotels restaurants and bars (Pepitone) (Sutton). These security breaches happen more
often than we think.
Because these security breaches happen so often, there are things that can be done to protect
shoppers. For example, the United States can become up-to-date with the technology used in
several other countries by replacing the magnetic strip on the back of credit and debit cards,
which hold data, with a digital chip, also referred to as Europay Mastercard and Visa (EMV),
which prevents thieves from counterfeiting cards with stolen data (Target Card View).
Magnetic stripes have the same encryption method from card to card, while the encryption
method for EMV chips varies, making the latter cards harder to hack. Although, the United
States is headed in the direction of utilizing the EMV chip, it has yet to completely get rid of all
magnetic strips (Sekar).
Only recently have credit card companies started replacing old credit and debit cards that have a
magnetic strip with a Europay Mastercard and Visa (EMV) smart chip. These new chip cards are
equipped with a memory capability that stores and transmits encoded data, making it difficult to
steal. With this chip, cardholders are often required to enter a personal identification number to
complete the transaction and ensure maximum security (Douglas).
For years, the credit card industry has been pushing everyone involved in the U.S. payment
system --the banks that issue the cards, the merchants that accept the cards, and the financial
firms that manage the transactions-- to convert to these chips. But these involved parties are not
13
November 2013
thrilled with the multi-million dollar investment that is needed in order to make the switch
(Douglas). MasterCard president of North America Chris McWilton stated the following during
an interview,
Target was a wake-up call. If you lose the public trust whether you're a bank or a
merchant, you don't have a business. And all of the spreadsheets in the world become
meaningless. Now we're seeing a groundswell of interest in migrating to EMV. It is one
of the key steps in securing the payment system on all channels. EMV only covers security
in the physical world. There is a whole other set of technology being rolled out to secure
digital or e-commerce transactions (Douglas).
Although the change to EMV chips does not help with online purchases, it is a step in the right
direction. Sooner or later, the United States will be on its way to being more secure with its
credit card system, reducing the frequency of problems such as the Target breach and increasing
consumers trust in credit card transactions.
As of 2015, the chip system in credit cards has been implemented, and Target is using, for now,
both systems: card swiping (magnetic strips) and cards with EMV smart chips (you insert them
into a device that reads the information from the card).
14
November 2013
Appendices
Appendix 1:
(http://abcnews.go.com/blogs/lifestyle/2014/03/target-apologizes-for-thigh-gap-photoshop-fail/)
(http://robertoblake.com/blog/2014/03/what-we-can-learn-from-the-target-photoshop-fail/)
15
November 2013
Appendix 2
(https://corporate.target.com/article/2013/12/important-notice-unauthorized-access-to-paymentca)
16
November 2013
Appendix 3
(https://corporate.target.com/about/shopping-experience/payment-card-issue-faq)
Appendix 4
(https://corporate.target.com/about/shopping-experience/payment-card-issue-faq)
17
November 2013
Appendix 5
(https://www.facebook.com/target)
18
November 2013
Appendix 6
(Reference withheld for blind review)
19
November 2013
Appendix 7
(Reference withheld for blind review)

Appendix 8
20
November 2013
(http://finance.yahoo.com/echarts?s=TGT+Interactive#%7B%22range%22%3A%222y%22%2C%22sca
le%22%3A%22linear%22%7D)
Appendix 9
Date
Stock Price
Estimated Market
Cap
Delta Market Cap

versus December
19, 2013
December 19, 2013
$63.55
39.8 Billion
---------------------
February 5, 2014
$55.07
34.4 Billion
-5.3 Billion
November 19, 2014
$72.50
45.4 Billion
+5.6 Billion
March 27, 2015
$81.56
$52.3 Billion
+6.9
(Chart created based on information from
http://finance.yahoo.com/echarts?s=TGT+Interactive#%7B%22range%22%3A%222y%22%2C%22scal
e%22%3A%22linear%22%7D)
21
November 2013
8. References
a. "About Target: Our Passion, Our Commitments | Target Corporate." About Target: Our
Passion, Our Commitments | Target Corporate. Target Corporation, Web. 07 Nov. 2014.
<https://corporate.target.com/about/>.
b. "An Update on Our Data Breach and Financial Performance." An Update on Our Data
Breach and Financial Performance. Target Brands, Inc., 10 Jan. 2014. Web. 12 Nov. 2014.
< https://corporate.target.com/article/2014/01/an-update-on-our-data-breach-and-financialperform>.
c. Condon, Stephanie. "Target Apologizes for Controversial Political Donation." CBSNews.
CBS Interactive, 5 Aug. 2010. Web. 08 Nov. 2014. <http://www.cbsnews.com/news/targetapologizes-for-controversial-political-donation/>.
d. "Data-breach Costs Take Toll on Target Profit." CBSNews. CBS Interactive, 26 Feb. 2014.
Web. 12 Nov. 2014. <http://www.cbsnews.com/news/data-breach-costs-take-toll-on-targetprofit/>.
e. "Data Breach FAQ." Payment Card Issue FAQ. Target, n.d. Web. 04 Mar. 2015.
<https://corporate.target.com/about/shopping-experience/payment-card-issue-faq>.
f. D'innocenzio, Annie. "Target CEO Resigns Amid Fallout From Massive Data Breach." The
Huffington Post. TheHuffingtonPost.com, 5 July 2014. Web. 23 Mar. 2015.
<http://www.huffingtonpost.com/2014/05/05/target-ceo-resigns_n_5266229.html>.
g. Dockterman, Eliana. "American Eagle Stops Photoshopping Models for New Lingerie
Campaign." Time. Time, 18 Jan. 2014. Web. 16 Apr. 2015.
<http://time.com/1187/american-eagle-ditches-photoshop-for-new-lingerie-campaign/>.
h. Douglas, Danielle. "MasterCard, Visa Explain Why Your Credit Card Isnt Safer." The
Washington Post. The Washington Post, 20 Feb. 2014. Web. 12 Nov. 2014.
<http://www.washingtonpost.com/blogs/wonkblog/wp/2014/02/20/mastercard-visaexplain-why-your-credit-card-isnt-safer/>.
i. Feldman, Jamie. "Target's Latest Photoshop Fail Looks Pretty Painful (UPDATED)." The
Huffington Post. TheHuffingtonPost.com, 11 Mar. 2014. Web. 08 Nov. 2014.
<http://www.huffingtonpost.com/2014/03/11/target-photoshop-fail_n_4940819.html>.
22
November 2013
j. George, Bill. "Target's Leaders Follow the Playbook For Handling Crisis Well." The
Huffington Post. The Huffington Post, 15 Jan. 2014. Web. 12 Nov. 2014. <
http://www.huffingtonpost.com/bill-george/targets-leaders-follow-th_b_4603633.html?>.
k. Germano, Sara. "Targets Data-Breach Timeline." Corporate Intelligence RSS. Wall Street
Journal, 2013. Web. 13 Nov. 2014. < http://blogs.wsj.com/corporateintelligence/2013/12/27/targets-data-breach-timeline/>.
l. Kim, Susanna. "Target (TGT) Profits Hit By Card Security Hack." ABC News. ABC News
Network, 26 Feb. 2014. Web. 12 Nov. 2014. < http://abcnews.go.com/Business/targetprofits-hit-card-security-hack/story?id=22680841>.
m. Moylan, Martin, and Tim Nelson. "Target CEO Is out following Credit Card Breach; Stock
Drops." Minnesota Public Radio News. Minnesota Public Radio, 5 May 2014. Web. 12
Nov. 2014. <http://www.mprnews.org/story/2014/05/05/target-ceo-out>.
n. Pepitone, Julianne. "TJX: 94 Million." CNNMoney. Cable News Network, 12 Jan. 2014.
Web. 23 Mar. 2015.
<http://money.cnn.com/gallery/technology/security/2013/12/19/biggest-credit-cardhacks/3.html>.
o. Reuters. Ruling allows banks to sue Target over 2013 data breach. The New York Times,
15 Sept. 2015. Web. 28 Oct. 2015. <http://www.nytimes.com/2015/09/16/business/rulingallows-banks-to-sue-target-over-2013-data-breach.html?ref=topics&_r=1>.
p. Sekar, Anisha. "How to Protect Your Credit Card From a Data Breach - US News." US
News RSS. News & World Report LP, 6 Jan. 2014. Web. 23 Mar. 2015.
<http://money.usnews.com/money/blogs/my-money/2014/01/06/how-to-protect-yourcredit-card-from-a-data-breach>.
q. "Statement from Target's Board of Directors." Target Pressroom. Target Corporation, 5
May 2014. Web. 23 Mar. 2015. <http://pressroom.target.com/news/statement-from-targetsboard-of-directors>.
r. Steinhafel, Gregg. "A Message from CEO Gregg Steinhafel about Targets Payment Card
Issues." Target Corporation. Target, 20 Nov. 2013. Web. 4 Mar. 2015.
<https://corporate.target.com/article/2013/12/important-notice-unauthorized-access-topayment-ca>.
23
November 2013
s. Sutton, Joe, and Holly Yan. "Hotels Company Apparently Hacked, Exposing Guests' Credit
Cards - CNN.com." CNN. Cable News Network, 3 Feb. 2014. Web. 23 Mar. 2015.
<http://www.cnn.com/2014/02/02/business/hotels-credit-card-hacking/>.
t. "Target." Facebook. N.p., 2014. Web. 04 Mar. 2015.
<https://www.facebook.com/target?fref=ts>.
u. "Target's Biggest PR Mistake With Credit Card Security Breach." Forbes. Forbes
Magazine, 20 Dec. 2013. Web. 12 Nov. 2014.
<http://www.forbes.com/sites/anthonykosner/2013/12/20/targets-biggest-pr-mistake-withcredit-card-security-breach/>.
v. Target Card Breach and What to Do: Our View." USA Today. USA Today, 11 Feb. 2014.
Web. 12 Nov. 2014. < http://www.usatoday.com/story/opinion/2014/01/02/target-creditcard-debit-card-breach-editorials-debates/4295661/>.
w. Target Provides Update on Data Breach and Financial Performance. Target Corporation.
Target, 10 Jan. 2014. Web. 10 Mar. 2015. <http://pressroom.target.com/news/targetprovides-update-on-data-breach-and-financial-performance>.
x. Target Says 40 Million Credit, Debit Card Accounts May Be Affected by Data
Breach."Fox News. FOX News Network, 19 Dec. 2013. Web. 12 Nov. 2014.
<http://www.foxnews.com/us/2013/12/19/target-says-40m-accounts-may-be-affected-bydata-breach/>.
y. "Target Scrambles to Limit Financial Impact of Credit Card Hacking." CBSNews. CBS
Interactive, 22 Dec. 2013. Web. 12 Nov. 2014. <http://www.cbsnews.com/videos/targetscrambles-to-limit-financial-impact-of-credit-card-hacking/>.
z. "Target through the Years." Target through the Years. Target Corporation, Web. 07 Nov.
2014. <https://corporate.target.com/about/history/Target-through-the-years>.
aa. Target Corp. (TGT). 2014.
<http://finance.yahoo.com/q?uhb=uh3_finance_vert&fr=&type=2button&s=TGT>.
bb. "The Long Arm of the Model." EllenTV. 2014. Web. 08 Nov. 2014.
<http://www.ellentv.com/videos/0-22civl8e/>.
cc. Weise, Elizabeth, and Chris Woodyard. "Home Depot: Card Breach Put 56M Cards at
Risk." USA Today. Gannett, 19 Sept. 2014. Web. 23 Mar. 2015. <
24
November 2013
http://www.usatoday.com/story/tech/2014/09/18/home-depot-credit-card-breach-56million/15843181/>.
dd. Wahba, Phil. "Target Has a New CEO: Will He Re-energize The retailer?" Fortune. Target
Has a New CEO Will He Reenergize Theretailer Comments. Time Inc., 1 Jan. 2015. Web.
23 Mar. 2015. < http://fortune.com/target-new-ceo/>.
ee. Yang, Jia Lynn, and Amrita Jayakumar. "Target Says up to 70 Million More Customers
Were Hit by December Data Breach." The Washington Post. The Washington Post, 10 Jan.
2013. Web. 12 Nov. 2014. < http://www.washingtonpost.com/business/economy/targetsays-70-million-customers-were-hit-by-dec-data-breach-more-than-firstreported/2014/01/10/0ada1026-79fe-11e3-8963-b4b654bcc9b2_story.html>.
ff. Reuters. Ruling Allows Banks to Sue Target Over Data Breach. The New York Times.
The New Yourk Times, 15 Sept. 2015. Web. 12 Dec.2015.
<http://www.nytimes.com/2015/09/16/business/ruling-allows-banks-to-sue-target-over2013-data-breach.html?ref=topics&_r=0>
25

Target Crisis Case Study

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Target Crisis Case Study

Hochgeladen von

Copyright:

Verfügbare Formate

Target Corporation Credit Card Crisis: An Analysis of Targets Response to a Data Breach in

Target Corporation Credit Card

An Analysis of Targets Response to a Data Breach in

Arthur W. Page Society

2. A Brief History of the Target Corporation

3. The Credit Card Crisis of 2013

7. What Happens Next?

Design for All

What Happens Next?

(Reference withheld for blind review)

(Reference withheld for blind review)

Delta Market Cap

December 19, 2013

November 19, 2014

March 27, 2015

(Chart created based on information from

Das könnte Ihnen auch gefallen