(Reuters) - Target Corp plans to make "significant changes" in light of the data breach during the holiday shopping season when hackers stole personal information of millions of customers, the U.S. retailer's chief executive said in an interview with CNBC aired on Monday.
Malware was installed on the company's point of sale registers, Gregg Steinhafel said, and Target was working with law enforcement agencies investigating the breach.
"As time goes on, we're going to get to the bottom of this," he said. "We're not going to rest until we understand what happened and how that happened.
"Clearly, we're accountable and we're responsible but we're going to come out at the end of this a better company and we're going to make significant changes."
Steinhafel did not give details of the planned changes. "We are in the middle of a criminal investigation as you can appreciate and we can only share so much," he told CNBC.
Target said on Friday an investigation found that hackers stole the personal information of at least 70 million customers, including names, mailing addresses, telephone numbers and email addresses. Previously, the No. 3 U.S. retailer said the hackers stole data from 40 million credit and debit cards.
Steinhafel told CNBC he had no idea who was responsible for the breach but that Target's environment was now secure.
"We have no evidence that there is any other guest information that was removed from our environment," he said.
On Friday Minneapolis-based Target, the No. 3 U.S. retailer, lowered its fourth-quarter profit forecast to between $1.20 and $1.30 from $1.50 to $1.60, in part due to weaker-than-expected sales since reports of the cyber-attack emerged.
(Reporting by Sruthi Ramakrishnan in Bangalore; Editing by Supriya Kurane and Bill Trott)