Target CEO out after credit card breach

Target has removed chairman and CEO Gregg Steinhafel from the roles in the wake of a devastating data breach that hurt the No. 3 US retailer's profits, shook customer confidence in the company and prompted congressional hearings.

Gregg Steinhafel

The departure of the 35-year company veteran also follows Target's botched multi-billion dollar expansion into Canada.

"After extensive discussions, the board and Gregg Steinhafel have decided that now is the right time for new leadership at Target," the company's board said in a statement.

Steinhafel had been Target's CEO since 2008.

The Minneapolis-based company named CFO John Mulligan as interim chief executive, and Roxanne Austin, a member of Target's board of directors, as interim non-executive chair of the board.

Target's shares fell as much as 3 percent in morning trading.

Target disclosed in December that a cyber attack had resulted in the theft of at least 40 million payment card numbers and 70 million other pieces of customer data.

Mulligan has been the company's chief spokesman on the issue, testifying at several congressional hearings where he was grilled about Target's security operations, how it learned of the breach and how quickly it notified the public.

Target spokeswoman Dustee Jenkins said Mulligan had been selected as interim CEO because of his role in helping company respond to the breach.

"We believe he is suited for this. He has played a key role in the recovery efforts," she said.

The company said it has hired executive recruiting firm Korn Ferry to help the board find a new CEO. Steinhafel will stay on in an advisory role until a permanent replacement is found.

Daniel Ives, who follows security firms at FBR Capital Markets, said he believed Steinhafel is the first CEO to be removed following a major corporate data breach.

Steinhafel's exit follows the departure of CIO Beth Jacob in March.

The company last week named high-profile information technology consultant Bob DeRodes as her replacement. Target is still looking for a chief information security officer, a new role at the company.

Falling Profits 

Apart from the breach, Target has also been forced to contend with a weak US retail environment.

The company's push into Canada has also proven to be costlier than expected and sales have fallen far short of expectations. The company reported a loss of nearly US$1 billion (A$1.1 billion) in Canada in 2013 on sales of $1.3 billion.

Overall, the company reported a 34 percent drop in net profit last year to US$1.97 billion.

Analyst Ken Perkins of investment research firm Morningstar said the performance in Canada would have also contributed to Steinhafel's departure.

"Clearly the data breach was not good publicity ... but in terms of an executive decision from a strategy point, the entry in Canada has really not gone the way company planned," he said.

The impact of the breach is expected to have continued into the first quarter of the year. Analysts on average expect the company to report a fall of about 1 percent in first-quarter same-store sales when it releases results in two weeks, according to Thomson Reuters I/B/E/S.

The breach at Target was the second largest at a US retailer. The theft of more than 90 million credit card details over about 18 months was uncovered in 2007 at TJX, operator of the T.J. Maxx and Marshalls chains.