Target’s CEO resigns at the same time new cybersecurity legislation hits

Target will have a new CEO, and businesses will have new cybersecurity standards to follow.


Fran Berkman


Published May 6, 2014   Updated May 31, 2021, 9:02 am CDT

Gregg Steinhafel, president and CEO of Target has resigned, several months after a cybersecurity breach left 110 million Target customers’ personal data, including credit card information, exposed to hackers.

Steinhafel, who was with the company for 35 years, took personal responsibility for the hack, and the company “decided that now is the right time for new leadership,” according to a statement released Monday.

While it’s unlikely anyone will shed a tear for Steinhafel, who will reportedly collect a severance package worth tens of millions of dollars, the situation highlights a larger debate about updating the nation’s cybersecurity laws.

That issue was propelled forward just last week, when a panel appointed by President Barack Obama to study the effects of big data came back with its recommendations. Concerning cybersecurity, the panel suggested standardizing the way companies must report data breaches to customers.

In Target’s case, the company initially reported that 40 million customers were at risk after the breach, and weeks later, revealed the number was actually north of 100 million. Los Angeles-based security firm IntelCrawler has said that a 17-year-old Russian hacker wrote the malware responsible for the incident.

The proposal also suggests updating penalties for cyber-crimes to make them more comparable to those of similarly damaging traditional crimes, as well as ironing out the process for businesses to seek assistance from, and report critical information to, the federal government (specifically the Department of Homeland Security) on matters of cybersecurity.

Though it certainly did not come soon enough to help Target customers and Steinhafel, cybersecurity reform may well be at hand. The White House said members of Congress from both parties submitted some 50 cybersecurity bills during the last session.

With the Target fiasco still in mind, perhaps this White House initiative will be the impetus that pushes legislation across the table.    

The White House released document summarizing its suggested updates to national data breach legislation, which you can read here, and the full White House report on big data is copied below.

White House Big Data Privacy Report


Photo by Mike Mozart/Flickr (CC BY 2.0)

Share this article
*First Published: May 6, 2014, 8:30 am CDT