Target’s massive data breach, which caused an estimated 40 million credit and debit cards to be compromised during the holiday period, will end up costing them more than just headaches. Target first became aware of the breach a week prior to announcing the breach to the public. This slow response time imperiled consumers.
I was personally affected by this breach in that I patronize a store that is located next to a Target. It is therefore extremely convenient for me to run into Target and pick up any household items I may need. Needless to say, I was among the 40 million potential victims of the hackers who may, or may not, have had personal information exposed. What was interesting to watch, however, was how differently companies reacted to this breach.
Target was extremely slow in announcing this breach. A week is a long time for hackers to take this data, create new cards and go on a holiday shopping spree. They’ve admitted that the hackers were able to gain access to actual PIN numbers for debit card information during the breach that is estimated to have lasted from November 27 (Black Friday) until December 15. The Department of Justice has opened an investigation as well. Many consumers are upset that Target took its time revealing the breach. As of December 27, there were at least 40 lawsuits filed by consumers.
In my opinion, Target’s management of the crisis was poorly handled. Other than creating a website explaining what people can do and offering some free credit reporting services, they have been underwhelming in their efforts to assist consumer security. They did, however, create a “shopping day” in which all Target customers received a 10% discount. Certainly someone who just had their credit card information stolen from a retailer would think twice about shopping at that same retailer, even with the 10% discount.
In contrast, however, my credit card company Chase, was quick to respond in efforts to protect and educate me. They offered extended hours and had their branches open on Sunday to help immediately replace cards and to further assist those affected. They informed me of the breach and automatically reduced daily spending and cash withdrawal limits in efforts to minimize potential damage hat could occur. While this was certainly inconvenient, it was proactive and reinforced my trust, and opinion, of Chase.
Target’s data breach is considered to be the second largest data breach in U.S. history, according to CBS News. The negative publicity and opinion this retailer has earned will undoubtedly haunt them for years to come. Their handling of the situation – from discovering, to disclosure, to assistance – was certainly insufficient when the scope of the incident is considered. I know that they have lost the trust of many consumers.
Now, to add icing on the cake, Target is reporting problems activating gift cards that were sold during this time period.
Target is going to have a steep hill to climb to regain consumer confidence and trust. Transparency and taking responsibility are extremely important in crisis management… and Target failed in both areas.