WASHINGTON A Target Corp (TGT.N) representative briefed Congressional investigators by telephone on Thursday about the retail chain's recent massive data breach, but offered few fresh details, citing continuing law enforcement investigations.
Isaac Reyes, an official with Target's government relations department, spoke by phone to officials from the House of Representatives Oversight Committee, two sources familiar with the session told Reuters.
The oversight committee, chaired by California Republican Darrell Issa, has broad jurisdiction to investigate the activities of both government agencies and private business.
During the call, Reyes offered little fresh information about how the breach occurred or who Target believed was behind it.
Target spokeswoman Molly Snyder told Reuters that during the briefing the company provided as much information as it could about the breach in which some 40 million credit and debit card records plus personal information of 70 million customers were stolen.
"As we have briefed elected officials and their staffs over the past few weeks, we have been providing them with updates on the ongoing criminal and forensic investigation to the extent we are able to share them," she told Reuters.
In the call, Reyes said that the U.S. Justice Department had informed Target about the breach on December 12 of last year. But he declined to say if the retailer itself had learned of the problem earlier, the sources said, who declined to be identified because the briefing was closed to the public.
He also told investigators the company believed it had complied with every one of the patchwork of requirements set out in state laws and regulations regarding the disclosure of such data breaches to authorities and consumers.
At present there is no federal law or regulation setting nationwide rules for when consumers and law enforcement agencies must be notified of serious data breaches, though Congress has been considering related legislation for years.
Four Senate Democrats, led by Commerce Committee Chairman Rockefeller and Select Intelligence Committee Chairman Dianne Feinstein, on Thursday introduced a bill aimed at better protecting consumers from data breaches.
This is the third such bill introduced on Capitol Hill since the Target data breach. The three bills are versions of legislation which had been introduced in previous years but failed to gain traction.
The sources familiar with the House committee briefing said that Reyes indicated the company was willing to turn over documents to Congressional investigators, and that it could start doing so within a few days.
However, investigators expressed doubt that, given the company's unwillingness to get into details of the breach during Thursday's briefing, Target will turn over much revealing material.
Representatives of Target have held similar phone briefings with state attorneys general, although details of these have not been made public. Several states have banded together to probe the Target data breach.
The briefings come as executives of Target and Neiman Marcus NMRCUS.UL, another retailer which recently suffered a major data breach, prepare for personal appearances at Congressional hearings next week.
(Additional reporting by Alina Selyukh in Washington and Jim Finkle in Boston; editing by Ros Krasny)