When George Dayton founded Target in 1902 as Dayton’s, he ran his business with strict conservative morals that forbade the selling of alcohol and absolutely no business-related activities on Sundays. Dayton’s business model relied on hard work, sacrifice, and following the rules and it is a framework that has led the Target Corporation to phenomenal success. After over 100 years of development and expansion, Target has nearly 2,000 stores worldwide and brought in over $20 billion in revenue in 2013. Yet, like many huge corporations in the world, following a strong start and a solid foundation, Target began to place more emphasis on profits than on customers and as a result of Target failing to upgrade its computer security systems, the data of over 40 million credit and debit cards were stolen from its database. Even today, more than 6 months after the incident, its effects are still being evaluated and while the entire extent of its damage can never truly be known, it has had a significant effect on Target’s and among others’ bottom lines as well as arguably ruined a great deal of trust between consumers are so-called “big box” retailers.
A Day That Will Live in Infamy
As many may recall, in 2007 retailer TJ Maxx experienced a similar security breakdown when hackers were able to clandestinely collect nearly 46 million credit card numbers leading to an estimate net loss of $4.5 billion for all the parties involved. The TJ Maxx hack was heralded as the biggest hack of all time and was described as a perfect case study of a retailer failing to protect their customer’s information, yet it seems that the shock it generated failed to shock Target into doing their due diligence to their consumer base. Both the TJ Maxx and the Target breaches were the result of a computer hacker installing a program on the retailer’s corporate network that directed all store registers to transmit credit card data as it is swiped to a hijacked server that the hackers then access. Ironically, Target actually installed some of the world’s most advanced malware detecting software, FireEye, only six months before the breach and was actually notified by FireEye’s agents on November 30, 2014 that malware had been installed on Target’s servers. According to a Bloomberg News report, Target received the warning but stood idly by as ” 40 million credit card numbers—and 70 million addresses, phone numbers, and other pieces of personal information—gushed out of its mainframes.” This is the most upsetting detail of the entire disaster as it was not just in Target’s customers’ best interests, but Target’s interest as well to protect that data but when warned and given ample time to prevent a security breach, absolutely no action was taken.
Following Target’s huge misstep, the full economic impact of the breach is still being tabulated but it looks to be massive. Target saw almost a 50% decline in Holiday sales compared to the previous year, its stock prices dropped dramatically, and banks shelled out $240 million just to reissue their customers new cards. Aside from the directly tangible damage caused by the breach, there is a great deal of less tangible casualties as Target’s reputation has forever been tarnished and it will take years, likely decades, to restore consumer confidence. One could compare this to the massive 1993 Jack in the Box E. Coli outbreak that affected nearly 200 people and killed 3 children. Following the mass food-poisoning epidemic, the Food and Drug Administration was forced by popular opinion to make the first drastic overhaul to its food handling regulations since Upton Sinclair released The Jungle in 1906 and one can hope that the public can also force the government’s hand in demanding more accountability regarding information security from corporations. Target seems to understand the implications of its failings as in June 2014, Target’s CEO George Steinhafel was fired after 35 years with the company, but don’t feel too bad as his stellar job netted him a $55 million severance package. Just as Jack in the Box had to completely restructure itself to rebuild consumer trust, Target is now tasked to return to the roots that George Dayton planted for the company a hundred years ago. It will not be easy, but as they say, nothing worth it is ever easy.