(Corrects deadline for documents in paragraph three to March 10
from March 1)
By Mark Hosenball
WASHINGTON Feb 25 A U.S. House of
Representatives committee with broad investigative jurisdiction
has turned up the heat on Target Corp, demanding that
the No. 3 U.S. retailer turn over internal documents and
messages describing how and when it learned of a recent massive
consumer data breach.
In a letter made available on Tuesday to Reuters, the House
Committee on Oversight and Government Reform requested that
Target turn over all documents or communications generated
between Nov. 1 and Dec. 13, in which Target employees or
"agents" discuss "any suspicion" that a data breach had
The committee set a deadline of March 10 for Target to turn
over the materials. If the company does not comply, the
committee's majority Republicans have the power to issue a
subpoena forcing the company's compliance.
The news came a day before the company is expected to report
fourth-quarter earnings and its leaders face Wall Street
analysts for the first time since the breach.
Several analysts expect Target to slash its share buybacks
as it copes with costs tied to the breach, which some estimate
will cost the company $500 million to $1.1 billion.
The 19-day breach of Target's computer networks over the
holiday shopping period resulted in the theft of an estimated 40
million credit and debit card records and 70 million other
records with customer information, such as addresses and
In the letter dated Monday, the House committee also
requested any documents generated between Nov. 1 and Dec. 19
referring to discussions about notifying others about the data
breach, and any documents generated since Dec. 12 in which any
federal agency advised the company to avoid providing
information to Congress.
Congressional sources said that this is the first time the
majority on the Republican-led committee had sent such a request
The sources said the letter was prompted, at least in part,
after committee officials felt dissatisfied with responses given
by Isaac Reyes, an official with Target's government relations
department, during a Jan. 30 conference call about the data
The letter was signed by Oversight Committee Chairman
Darrell Issa, a California Republican who has garnered headlines
for his fierce criticism of the Obama administration's
performance on a wide range of issues.
The committee has wide jurisdiction to investigate
government and private business activity.
In its letter, the panel hints that the retailer may not
have been entirely forthcoming in its statements to the public
and Congress about when it learned of the data breach.
Investigators believe that the hackers managed to break into
Target's payment network by first breaching a "data connection"
between the U.S. retailer and a heating and ventilating systems
contractor based near Pittsburgh.
The committee's letter noted that in testimony before a
Senate Judiciary Committee on Feb. 4, John Mulligan, Target's
chief financial officer, testified that the company had no
knowledge that malware related to the data breach had been
installed in its systems before receiving a notification from
the U.S. Justice Department on Dec. 12.
The House oversight committee said that statement did not
"clarify" when Target learned that it could have been the victim
of a breach, since cybersecurity blog KrebsonSecurity reported
that Target may have been warned earlier about a problem.
In January, minority Democrats on the House Energy and
Commerce committee also sent a letter to Target requesting
Congressional aides have said that Target responded to an
earlier request for data issued by Democrats on the House Energy
and Commerce Committee but that response, which has not been
made public, did not provide new insight.
Asked why the Republican majority leaders on that committee
did not push for the documents, Representative Lee Terry of
Nebraska on Feb. 5 said Target had been forthcoming during
conversations with his staff and such pressure was unwarranted
"until they don't show that they are willing to give us data."
A Target spokeswoman did not respond to a request for
Target shares, which have fallen about 15 percent since the
data breaches were made public in December, were up 0.6 percent
in afternoon trading at $56.51.
(Additional reporting by Alina Selyukh and Dhanya Skariachan;
Editing by Ros Krasny, Bill Trott and Amanda Kwan)