Target CEO Issues Apology for Data Breach

In the wake of one of the largest credit card breaches at a U.S. retailer, Target Corp. CEO Gregg Steinhafel took to the digital airwaves to issue a personal apology to the approximately 40 million customers impacted by the hacking, which occurred from Black Friday to Dec. 15.

To help make up for the problem, which Steinhafel said has since been "eliminated," Target is offering customers its 10 percent employee discount this weekend. (The full text of Steinhafel’s e-mail to customers appears below.)

While various theories emerged about how the massive security breach occurred, experts were quoted in published reports as saying that the perpetrators must have had some inside knowledge of the company’s POS system to compromise it so effectively.

Malware infiltrating the card readers at Target’s 1,797 stores nationwide is thought to be the likely culprit behind the data heist. As many as 40,000 card devices may have been affected, which Target described as “a very sophisticated crime.”

Text of Target CEO Gregg Steinhafel’s e-mail to customers:

Dear Target Guest,

As you have likely heard by now, Target experienced unauthorized access to payment card data from U.S. Target stores. We take this crime seriously. It was a crime against Target, our team members and most importantly you -- our valued guest.

We understand that a situation like this creates stress and anxiety about the safety of your payment card data at Target. Our brand has been built on a 50-year foundation of trust with our guests, and we want to assure you that the cause of this issue has been addressed and you can shop with confidence at Target.

We want you to know a few important things:

  • The unauthorized access took place in U.S. Target stores between Nov. 27 and Dec. 15, 2013. Canadian stores and were not affected.
  • Even if you shopped at Target during this time frame, it doesn’t mean you are a victim of fraud.
  • In fact, in other similar situations, there are typically low levels of actual fraud.
  • There is no indication that PIN numbers have been compromised on affected bank-issued PIN debit cards or Target debit cards. Someone cannot visit an ATM with a fraudulent debit card and withdraw cash.
  • You will not be responsible for fraudulent charges – either your bank or Target have that responsibility.
  • We’re working as fast as we can to get you the information you need. Our guests are always the first priority.

For extra assurance, we will offer free credit monitoring services for everyone impacted. We’ll be in touch with you soon on how and where to access the service.

Please read the full notice [here]. And over the coming days and weeks, we will be relying on and our various social channels to answer questions and keep you up to date.

Thank you for your patience, understanding and loyalty to Target!

Gregg Steinhafel