Target’s Data Breach and Its Weasel CEO

Gregg Steinhafel Is the Alex Rodriguez of Retailing

We have a Target store in the neighborhood. I never liked the place. And I liked it less when Target lawyers sent a letter to my former company ordering us to stop using the term Target Marketing. It makes no mind that Target Marketing has been around for 40 years and Target stores have not. Lawyers are in the business of being weasels, making trouble and collecting fees.

On Dec. 19, 2013, a data breach of Target was reported. Over the coming weeks, the news got worse and worse.

By the New Year, it became obvious:

  1. Target had created a data catastrophe.
  2. Target’s cover-your-ass P.R. campaign leaked out news of the worsening situation, until it was revealed 110 million consumers were victimized.

That’s roughly one-third the U.S. population.

The sequence:

Dec. 19, 2013: 40 Million Credit & Debit Accounts Stolen
The company early Thursday confirmed a data breach may have affected about 40 million credit card and debit card accounts between Nov. 27 and Dec. 15. —The Wall Street Journal

• Dec. 20, 2013: Okay, Take 10% Off Everything
Target CEO Gregg Steinhafel issued an apology on the company’s website Friday to the approximately 40 million customers affected by one of the largest credit-card breaches ever to hit a U.S. retailer. To make up for the problem, which Steinhafel said has been “eliminated,” Target is offering customers 10 percent off this weekend, the same discount Target workers get.

• Dec. 26, 2013: Take Up to 50% Off After Xmas Clearance
If you are headed out to Target today—as you know—today is the day that many items will be already marked at 50% off. Clearance will vary from store to storesome stores may have practically nothing, while others may have lots of stuff left. Most of the usual Holiday itemsdecorations, ornaments, giftwrap, stocking stuffers and more should all be at 50% Off today. But there are lots of seasonal grocery and household items to watch for now that it is after Christmas, too.

Denny Hatch is the author of six books on marketing and four novels, and is a direct marketing writer, designer and consultant. His latest book is “Write Everything Right!” Visit him at

Related Content
  • Kathy Wattman

    Wow – your article really reeked of bitterness. Not really very professional.

    Sadly, 89% of all attacks on business come from Social Engineering. Security professionals can work their tushies off and it all goes to waste when a lone user clicks on a link. Now mind you, these are not the phishing attemptsof old. These are very targeted attempts. The bad guys scour your personal preferences, profiles, work comments, LinkedIn profiles and shoot you over a cleverly designed personalized email to get you to click. It may be an offer for your dept. to log on to order this Friday’s free lunch or see Joan’s picturesin accounting from her recent vacation. It is more prominent than you think. It mayhave nothing to do with company policies or legal posturing. Users really are the most common cause of these breaches in studies and reports ad nauseum.

    Target just happens to be one of the largest andmost high profile. But this was months in the making. It usually takes months to figure out and investigate this type of breach and the fact Target is doing something about it is actually quite commendable.

  • Anonymous

    As a professional writer, you should know better than to say everything was 50% off – which was blantantly false in its exactness.

  • The Iron Maiden

    Thank you for the commentary on Target’s PR response in the wake of their data breach. I thought it was right on point and the threat to the use of the Target Marketing name insulting. You definitely captured my thoughts exactly and prompted me to contact Target to say the same. As a potential casuality of the Target breach, I appreciated the free year of Experian credit monitoring, but felt that it was a necessary accommodation at the least. I had previously held Target in the vanguard of new age institutions, being socially, environmentally and morally responsible. However, their handling of this debacle is quizzical and lacking in the regards you point up–and causes me to reevaluate that high regard. Anyways, I find the newsletter very informative—and appreciate your contributions!

  • Rod Fowler

    Dear Denny, I love to hear the whisper of your blade. :) I am surprised at those here leaping to defend the indefensible. ?!! You are dead right on this Target debacle. Steinhafel would be hopping mad were he treated the way he has treated his customers.
    Thanks for still more clarity in this morally murky world. Well-done.

  • GeorgeM

    Hello? I’d like to order a one-year subscription to "Who’s Mailing What!" with my Target Gift card. Am I in the right place? :)

  • Wqsh

    I’m still fascinated with the Ezra Klein thing. I read his lede in that link, noting that he never identified himself while referring to himself as "I"." Kinda grand to expect others to get you without saying who your are. Apparently a multitude of commenters seemed to struggle with the same dilemma, while others (supporters?) seemed to think we obligied to consult Wikipedia for such basic info. Mind you, I already had a line on Mr. Klein from your prior blog, so your link continued the illumination about this guy’s inability to sell his stuff to an audience…

  • Will Ezell

    There’s one noteworthy and newsworthy item related to this. In the next several months, a Florida-based company will be announcing their new credit card "chip" that’s embedded into the card with which facilitates an interactive algorithm capable of preventing the use of credit card numbers alone. At least for "live" transactions… I don’t know a lot more details, but this will make data theft like the Target breach potentially worthless – at least until they crack the algorithm code…

  • Olga


    You are the reason I read Target Marketing regularly. Thanks for your great insight. You are such a great read.

    Thanks and keep it coming!

  • Judy Colbert

    Target seems to have a lust for doing things wrong. Several years ago, the National Federation of the Blind filed suit against Target (after trying to talk with them) because the Target Web site was not accessible to visually impaired people. This was particularly true when it came to refilling prescriptions. A screen reader could not read the text and enter a Rx number. Target countered by saying the Web site wasn’t a bricks and mortar operation. NFB countered by saying it was acting as one. There are more details, but basically, Target could have said, "You know, you’re right, let’s make our site 508 compliant and thank you for bringing this to our attention." NFB won in California court, so Target had to pay court costs, attorneys fees, AND modify their Web site.

  • Scott

    You know, Target actually has a decent record as a socially responsible company. There is no roadmap for this kind of unprecedented breach and I think they’ve handled a number of things very well. Since it wasn’t mentioned in your critique, I can only assume you didn’t know about the one year of free credit monitoring with Experian that Target arranged for customers. What you labeled as Steinhafel’s "ultimate insult" really isn’t. For example, in the wake of this breach, opportunistic criminals purporting to be Target have attempted to scam consumers under the guise of helping them feel more secure. In fact, I was suspicious of the email from Target offering the free credit monitoring but knew enough about the industry to know it was legitimate. Maybe the word "education" is itself a tad pedantic, but clearly consumers do need some education. Indeed, Target later published a warning along with a verbatim copy of their official email and its procedures in other media to ensure consumers weren’t duped by the efforts of criminals. Apparently, there were attempts to direct people to illegitimate sites where they would provide even MORE personal information required to start the credit monitoring. Has the handling of this been perfect? Far from it. But it seems like your bit of history with Target might be causing you to see an insult where there is honest concern. Regardless, way to stir the pot and get some reactions. Always enjoyable!

  • carlheintz

    You are soooo right on. Unfortunately, what they did fits right in with the old saying "never underestimate the stupidity of the audience" ( I think that referrs to TV audiences)….

    What they should have done is offer a reward for the bozo’s who stole the stuff, and an offer to pay any consumer who gets ripped off 10 times the amount they are out of pocket. Using a credit card, the maximum out of pocket to a consumer for fraud is something like $ 50, so most consumers aren’t going to be holding a big bag. But an offer like that would have encouraged consumers to shop more at Target — and made Target look like hero’s. Instead, they look like jerks.

  • Les

    Denny- Normally enjoy your views, but your views towards Target are rather malicious and seem more personally related to your experience with their challenge to Target Marketing- likening them to Alex Rodriguez who is a liar and a cheat is insulting! If I’m not mistaken, your statement about their stores not being around for the past 40 years is incorrect; their first store started in the 50’s in Minnesota. Everyone makes mistakes. From everything I have heard about Target, they are a very responsible and a well run company. This breach was in fact not enabled by Target ; there are a number of retailers who were subject to this criminal action. Typically enjoy your thoughts, but in my opinion, you took this one way too far.

  • Meg Nugent Hodges

    When I had a physical Target location close to me, it was always my store of choice over WalMart. Demographic statistics have indicated for quite some time that shoppers with an educaton level beyond a high school diploma shop at Target over Walmart by a significant amount. Perhaps this was a factor in the data breach.

    I followed this story with interest throughout the holiday season, happy my spouse and I opted for a very low-key holiday as far as shopping was concerned. We paid cash for anything we bought for ourselves or loved ones. I thought we were in the clear.

    Not exactly. I was quite surprised to receive an email from Target earlier this month offering the year of credit monitoring (which we already have – and I could have yet again, thanks to a data breach that impacted anyone with tax returns during a certain period for the state of South Carolina). I shopped at Target twice last year – once online last January (yes a YEAR ago) and again at an actual location in JUNE. Not during the infamous window at all. It was not clear in the communication whether I was truly at risk or if they were being thorough.

    Does this deter me from Target? Not any more than I was before. What this story does do – along with a growing number of others like it – is turn me into a cash-n-carry customer.

  • jonathanblaine

    Email received January 15. I had not shopped in a Target store since April 2013, and do not have an online account or REDcard (thankfully, as the latter are linked to customers’ debit cards and bank accounts). So, Mr. Steinhafel, what exact information related to me was revealed to criminals and from how far back?

    Dear Target Guest,

    As you may have heard or read, Target learned in mid-December that criminals forced their way into our systems and took guest information, including debit and credit card data. Late last week, as part of our ongoing investigation, we learned that additional information, including name, mailing address, phone number or email address, was also taken. I am writing to make you aware that your name, mailing address, phone number or email address may have been taken during the intrusion.

    I am truly sorry this incident occurred and sincerely regret any inconvenience it may cause you. Because we value you as a guest and your trust is important to us, Target is offering one year of free credit monitoring to all Target guests who shopped in U.S. stores, through Experian’s® ProtectMyID® product which includes identity theft insurance where available. To receive your unique activation code for this service, please go to and register before April 23, 2014. Activation codes must be redeemed by April 30, 2014.

    In addition, to guard against possible scams, always be cautious about sharing personal information, such as Social Security numbers, passwords, user IDs and financial account information. Here are some tips that will help protect you:
    Never share information with anyone over the phone, email or text, even if they claim to be someone you know or do business with. Instead, ask for a call-back number.
    Delete texts immediately from numbers or names you don’t recognize.
    Be wary of emails that ask for money or send you to suspicious websites. Don’t click links within emails you don’t recognize.

    Target’s email communication regarding this incident will never ask you to provide personal or sensitive information.

    Thank you for your patience and loyalty to Target. You can find additional information and FAQs about this incident at our website. If you have further questions, you may call us at 866-852-8680.

    Gregg Steinhafel
    Chairman, President and CEO

  • Chris Benson

    I’m afraid I’m going to chime in on the side of the folks who like Target and maintain some loyalty. Our local store opened about 8 years ago and brought a definite improvement to our small town’s shopping opportunities, and even made the K-mart across the road step up their game.

    We buy all kinds of things there, from our TV to the jeans I’m wearing to toilet paper to cat food.

    It was an unfortunate affair with the credit card debacle, but as one of the other commenters noted, it was fairly unprecedented.

    I also was confused about the 50% off paragraph, because it seemed pretty clear to me that it only applied to select seasonal items, unlike the storewide 10%, which we did take advantage of.

    Also, a quick Google of "when was Target incorporated" indicates that Target was founded in 1902.