Target Corp. feels customers' fury over response to card-data breach

Target is offering 10 percent off purchases on Saturday and Sunday, in a goodwill gesture. But complaints are mounting about the retailer's response to massive theft of customer credit-card data.

Charles Rex Arbogast/AP/File
Target baskets in a file photo. The retailer says a data breach may have impacted 40 million customers.

A few weeks after telling Target stockholders about the retailer’s “fun, easy shopping experience,” CEO Gregg Steinhafel is now having to explain to Target Corp.'s 40 million shoppers why they got a big chunk of coal in their stockings.

The victim of the second-largest credit-card heist in history – and perhaps the most audacious – Target may now also be a victim of public opinion, which appears to have swung fairly hard against it, during the prime holiday shopping season, no less.

The company’s stock rebounded by Saturday after dipping nearly 2 percent to $62.27 in the wake of its revelation Thursday that its data-security system had been breached and customers' card data had been stolen. But that bit of good news is being overshadowed by reaction to what has become a fiasco for the Minneapolis-based mega-retailer.

“ARE YOU KIDDING ME!!! … ARE YOU KIDDING?” a customer identified as Bekah Sims Andrews wrote on Target’s Facebook page, complaining that she had waited 48 minutes on hold to reach the company – and then her call was dropped. Hers is one of more than 1,000 comments venting frustration and outrage that Target did not better protect customer data, that it did not disclose the theft sooner, and that its efforts to make things right have not been satisfactory. 

On the Facebook page, customers report having trouble getting through to the retailer by phone. On Saturday, the company noted that reported instances of actual fraud are small, but said it will be offering customers free credit-card monitoring and, on Saturday and Sunday, the same 10 percent sales discount it provides to its employees.

“We take this crime seriously,” says Target CEO Gregg Steinhafel, in a video posted to Facebook. “It was a crime against Target, our team members, and most importantly our guests.” He also assured Americans that the breach had been locked down and that “guests … can shop with confidence at their local Target stores.” The thieves did not obtain data from Target's online shopping emporium, but rather from the almost 1,800 retail stores across the country.

Target, which pays about $1 billion in stockholder dividends each year, is now also facing legal pressure. Four state attorneys general have launched investigations. Several consumer lawsuits have also been filed, one of which criticizes the company’s cybersecurity system. It also alleges that Target conveyed “a false sense of security” when it announced the problem was resolved when, in fact, customers may “face years of constant surveillance” of financial records and a “loss of rights.”

Already, illicit Internet marketeers, perhaps based in Eastern Europe, are selling the card numbers for between $20 and $100 each, according to the insider Web security website Krebs on Security. Credit-card companies are expecting anything from an uptick to an onslaught of fraud reports.

In general, retailers face increasingly sophisticated challenges to their Internet security, says Tom Field, a vice president at Information Security Media Group, in Princeton, N.J. 

But Target’s challenge now is not to play victim, but to figure out how to ride out the storm of negative public opinion, experts say.

"There's never a good time for this to happen," Charles O'Shea of Moody’s Investors Service told the Los Angeles Times. "But if there's a worse time than during the holidays, I'd like to know what it is." 

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.