May 5 Target Corp removed Chief
Executive Gregg Steinhafel on Monday in the wake of a
devastating data breach that hurt the No. 3 U.S. retailer's
profits, shook customer confidence in the company and prompted
Following are the developments leading up to the exit:
Dec. 18 - A security industry blog reports that payment card
data were stolen from an unknown number of Target customers,
starting on the busy Black Friday weekend.
Dec. 19 - Target says hackers have stolen data from up to 40
million credit and debit cards of shoppers.
Dec. 20 - Steinhafel seeks to reassure customers that it was
safe to shop at the company's stores and offers 10 percent
discounts on the last weekend before Christmas.
Investigators believe that overseas hackers were
responsible, a source tells Reuters.
Lawyers and industry sources say that the theft could end up
costing hundreds of millions of dollars, but it was unclear who
would bear the expense.
Dec. 21 - JPMorgan puts new debit card limits for its Chase
brand bank debit cards used by customers at Target stores.
Dec. 23 - Retail consultancy Customer Growth Partners LLC
says Target suffered a 5 percent drop in traffic over the final
weekend before Christmas.
Target partners with U.S. secret service and Department of
Justice for an investigation.
Dec. 27 - Target says PIN data of some customers' bank ATM
cards were stolen, but it was confident that the information was
"safe and secure".
Jan. 10 - Target raises number of customers affected by the
breach to 70 million and lowers its fourth-quarter profit
Attorneys general from New York, Connecticut, Massachusetts
and Minnesota join a nationwide probe into the breach.
Jan. 12 - Steinhafel tells CNBC that he had no idea who was
responsible for the breach but that the company was now secure.
Jan. 13 - Target begins a major public relations effort to
woo back customers, including placing full-page newspaper ads
apologizing for the attack.
Jan. 13 - Democratic lawmakers call for a congressional
inquiry into the hacking.
Jan. 14 - Two key U.S. senators write to Steinhafel, seeking
"detailed information" on the hacking.
Jan. 15 - The New York Times says Citigroup will replace all
customer debit cards involved in the breach.
Jan. 16 - A House of Representatives subcommittee says
Target agreed to testify before Congress.
The U.S. government provides merchants with information
gleaned from its investigation.
Jan. 21 - The U.S. Secret Service says it was checking for
links between the hacking and the arrest of two Mexicans trying
to enter the United States with a cache of fraudulent credit
Jan. 23 - Target says its Chief Financial Officer John
Mulligan will testify before the U.S. Senate Judiciary Committee
on Feb. 4 about the data breach.
Jan. 29 - Target says cyber criminals stole vendor's
credentials to breach its system.
Jan. 30 - A Target representative briefs Congressional
investigators by telephone about the data breach, but offers few
Feb. 3 - A senior company executive says Target will speed
up a $100 million program to implement the use of chip-enabled
smart cards to protect against cyber theft.
Feb. 4 - Target CFO tells U.S. lawmakers that the retailer
was "deeply sorry" for the data breach and it was determined to
win back customers' trust.
Feb. 5 - The U.S. Secret Service visited the office of a
Pennsylvania-based refrigeration contractor, Fazio Mechanical
Services, whose login credentials were possibly used to breach
Target data, a source tells Reuters.
Feb. 6 - A Fazio representative says Target hackers managed
to break into its network by first breaching a "data connection"
between Fazio and the retailer.
Feb. 13 - U.S. banks and retail groups say they were joining
forces to work on cybersecurity.
Feb. 25 - A U.S. House of Representatives committee demands
Target turn over internal documents and messages describing how
and when it learned of the breach.
Feb. 26 - Target's net profit almost halves in the holiday
quarter and the company warns that costs related to the data
breach could hurt future profits.
March 5 - The company announces an overhaul of its
information security practices and the resignation of its chief
March 13 - Target says its security software detected
potentially malicious activity during the breach, but its staff
decided not to take immediate action.
March 14 - Target warns that the data breach could have been
more extensive than reported.
March 25 - Target missed multiple opportunities to thwart
the hackers responsible for the breach, U.S. Senate staffers
charge in a committee report.
March 26 - Two banks sue Target and Trustwave Holdings Inc,
which provides credit card security services, for "monumental"
losses they say card issuers will face because of the breach.
April 1 - The two banks who sued Target and Trustwave over
responsibility for the data breach drop their lawsuits.
April 14 - U.S. retailers plan to form an industry group for
collecting and sharing intelligence about cyber security
April 29 - Target names high-profile information technology
consultant Bob DeRodes as chief information officer.
(Compiled by Supantha Mukherjee and Soham Chatterjee in
Bangalore; Editing by Sriraj Kalluvila)