January 15, 2014

On Monday Target launched a major PR effort to apologize to customers for a massive cyber-attack on its network over the holidays.  The retailer ran a full-page apology letter from CEO Gregg Steinhafel in some of the nation’s major newspapers, including The Wall Street Journal, The New York Times, Washington Post and USA Today.  Steinhafel also granted his first full interview since the breach to CNBC.


Recently, Target admitted that the security breach, which started in late November and lasted 19 days over the holiday shopping season, was nearly twice as large as they initially thought.  They also retracted a statement saying that PIN numbers weren’t stolen.  Turns out, they were.  This news means the cyber-attack was one of the largest and most severe of its kind, affecting up to 110 million Target customers.  About 40 million credit card records and 70 million other records containing customer names, mailing addresses, phone numbers and email addresses were stolen.  This is a big, big deal.


I had my pin number stolen once before.  And I watched over $300 vanish from my meager post-grad bank account within a matter of minutes.  It’s a scary, humbling experience and I wouldn’t wish it on anyone.  I can relate to the disgruntled Target customers who were affected by the breach.  And I think I speak for many of them when I say the retailer’s apology was a nice gesture, but it was simply too little, too late.


Frankly, I believe most people understand the risk they assume when signing up for a credit or debit card.  And I bet almost everyone has had one of their cards compromised at some point.  It happens.


No, the breach was not Target’s fault.  But did Target reveal what they knew and when they knew it right from the very get-go?  That’s not entirely clear.  And it’s swiftly damaging the brand’s reputation.


Here at m+p, we believe honesty is the best policy and transparency is key.  Instead of letting fragments of information trickle out for well over a month, Target should have detailed the full effects of the breach, acknowledged the severity of the situation, assured customers they were doing everything possible to repair the damage, and apologized.  The longer you wait to bear the bad news and admit your shortcomings, the more negative the situation becomes in the minds of reporters and consumers.


Target owes much of its success to the emotional brand equity they’ve built with consumers over time.  Many brand enthusiasts, myself included, affectionately refer to the retailer as “Tarjay.”  Let’s hope that, despite their recent mistakes, consumers will stand by the famed retailer’s side and give them a chance to rebuild their trust.

more insights