Targeting Target with a 100 million dollar data breach

Abstract

In January 2014, the CEO of the renowned U.S. discount retailer Target wrote an open letter to its customers apologizing for the massive data breach the company experienced during the 2013 holiday season. Attackers were able to steal credit card data of 40 million customers and more were probably at risk. Share prices, profits, but above all reputation were all now at stake. How did it happen? What was really stolen? What happened to the data? How could Target win consumer confidence back? While the company managed the consequences of the attack, and operations were slowly back to normal, in the aftermath the data breach costs hundreds of million dollars. Customers, banks, and all the major payment card companies took legal action against Target. Some of these litigations remained unsettled 3 years later. The importance of the breach lays in its far broader consequences, rippling through the U.S. Congress, and raising consumer and industry awareness on cyber security. The case provides substantial data and information, allowing students to step into the shoes of Target executives as they seek answers to the above questions.