It’s been another brutal week in the headlines for Target (TGT). Yesterday Businessweek.com ran a story claiming the nation’s second largest discount chain was first alerted to the installation of hacker malware on November 30th and again on December 2nd of last year.
Citing interviews with employees familiar with the company’s security procedures, law enforcement officials as well as 8 people with “specific knowledge of the hack and its aftermath,” Businessweek said Target chose not to act on the warnings. As a result at least 40 million Target customers saw their credit card information compromised.
The shocking revelation came just two days after a USA Today story cited Kantar research showing a stunning drop in traffic levels at both Target.com and in the company’s roughly 1,700 stores. The drop was particularly steep among Target’s core Gen X customers. According to Kantar the drop in traffic at Target was “particularly sharp” relative to the 200 stores the research firm studied.
In response to the reports Target CEO Gregg Steinhafel said it would be premature to talk specifics regarding the timeline and size of the breach but vowed to “work tirelessly to win back the confidence of our guests.”
As my colleague Lauren Lyster and I discuss in the attached video, the disregard with which Target has treated its loyal customer base is stunning. The company spent more than 50 years becoming by some measures the more respected brand in general merchandising. Measured by Brandindex.com Target has seen its ranking among customers drop by a 1/3 since the breach was discovered. CNNMoney showed a similar decline.
The tragic thing for the workers and customers of Target is that all of this could have been avoided. Ignoring the initial breach was only the beginning of the company’s ongoing pattern of seeking to alternately ignore and minimize the impact of the malware attack on Target customers.
The damage control efforts have ranged from the laughably insufficient offer to speedily replace compromised cards to a galling offer to monitor customer’s credit ratings free of charge only to have its system’s crash almost immediately.
Target says it incurred fourth quarter charges of $61 million related to the attack. Given the brand damage and fact that more than 90 lawsuits are in the works that figure is wildly understated.
If Target wants to win back its customers it needs to stop minimizing the damage and start feeling their pain. Mr. Steinhafel has been dealt a lousy hand. The malware attack could have happened to anyone but it didn’t. It happened to Target. The man in charge needs to stop the buck. Rather than denying the problem he needs to make it clear the Target is going to do anything to make this right.
A statement like this would go a long way:
“Wall Street may not like this but I don’t care if we miss analysts’ earnings estimates this quarter or the rest of the year. Any short-term damage to our bottom line will be worth it if it means rebuilding our relationship with our guests. We are accountable. We are going to do right by everyone who has been victimized by the this attack.”
Target’s ongoing failure may be sad but it’s infuriating to anyone who didn’t grow up in Target stores. It’s time for the company to hitch up its pants and deal with the problem rather than trying to cover it up.
More from Breakout: