Canada woes, breach seen as cause for Target CEO's exit

Retailer's disastrous performance in Canada last year probably weighed more heavily in decision to part ways, analysts say

Target CEO Gregg Steinhafel's resignation Monday as president, CEO and chairman of the Board of the company likely isn't a sign that boards of directors are now holding chief executives accountable for massive data breaches.

While some observers quickly linked Steinhafel's exit with the breach, his departure likely has more to do with Target's botched expansion in Canada, analysts said.

"The breach may have been the straw that broke the camel's back," said Avivah Litan, an analyst with Gartner. "But I can't imagine him taking the fall just because of the breach. The board probably wanted him to leave because of poor financial performance" in Canada, she said.

Target on Monday announced that Steinhafel stepped down as CEO, effective immediately. In a statement, the company said CFO John Mulligan was named interim president and CEO. Board member Roxanne Austin was named interim non-executive chair of the board, the statement said.

The company did not say why Steinhafel is leaving after 35 years at the company. Instead, the statement merely noted the challenges that Target faced in Canada last year, and the data breach.

"Today we are announcing that, after extensive discussions, the board and Gregg Steinhafel have decided that now is the right time for new leadership at Target," the statement read.

The announcement comes five months after Target disclosed a massive data breach that exposed the personal data stored on an estimated 100 million credit and debit cards.

The breach is expected to cost Target hundreds of millions of dollars in remediation, legal and other costs. The company has already blamed the breach for lower-than-expected earnings last year. It has also acknowledged that the incident has considerably damaged company's brand and reputation.

Litan noted that Target opened 124 stores in Canada in 2013 and said it would open another 10 this year. The rollout has so far been messy and costly, according to financial analysts.

Target's Canadian operations lost $941 million on revenue of $1.3 billion in 2013. Financial and retail analysts blamed the botched rollout on Steinhafel's decision to open so many new stores at once.

Retail analyst Rob Wilson of Tiburon Research Group said the breach only diverted attention from the massive problems the company was having in Canada.

"Sure the breach happened on Steinhafel's watch, but he reacted well and the CIO already was replaced," Litan said. "It's not common for CEO's to take the fall for a breach -- and in my opinion, the breach probably contributed to only 30 percent of why he had to go."

Pete Lindstrom, an analyst at IDC, predicted that Steinhafel's exit will do little to improve security at Target.

"You might be able to get more funding for security," in the near term. But replacing the CEO will do little change Target's risk profile, he said. "There is no good lesson to learn about the resignation. It is more likely to create extra overhead and superficial attention that to really address risk."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about security in Computerworld's Security Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags TargetmanagementAvivaGartnerretailNetworkingsecurityindustry verticals

More about GartnerIDC AustraliaTopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts