TARGET TAKING ACTIONS ON SECURITY, EXECUTIVE SAYS

Category: News

460x (31)
By MARCY GORDON
Senate Judiciary Committee Chairman Sen. Patrick Leahy, D-Vt., right, listens to the Committee Ranking Member Sen. Chuck Grassley, R-Iowa, on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, during the committee’s hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan

John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation, listens on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, during the Senate Judiciary Committee hearing on data breaches and combating cybercrime . (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan, Stuart Ingis

John J. Mulligan, executive Vice President and Chief Financial Officer of the Target Corporation, right, listens to his attorney Stuart Ingis, on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, prior to testifying before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan

John J. Mulligan, executive Vice President and Chief Financial Officer of the Target Corporation, testifies on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan, Michael R. Kingston, Delara Derakhshani, Fran Rosch,

John J. Mulligan, executive Vice President and Chief Financial Officer of the Target Corporation, left, testifies on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. From left are, Mulligan; Michael R. Kingston, senior Vice President and Chief Information Officer of the Neiman Marcus Group; Delara Derakhshani, Policy Counsel Consumer Union, and Fran Rosch, senior Vice President, Security Product and Services, Endpoint and Mobility, Symantec Corporation. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan

John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation, listens on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, while testifying before the Senate Judiciary Committee hearing on data breaches and combating cybercrime . (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan, Michael R. Kingston, Delara Derakhshani, Fran Rosch,

From left, John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation; Michael R. Kingston, senior Vice President and Chief Information Officer the Neiman Marcus Group; Delara Derakhshani, Policy Counsel Consumer Union; and Fran Rosch, senior Vice President, Security Product and Services, Endpoint and Mobility, Symantec Corporation are sworn-in on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, prior to testifying before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan, Michael R. Kingston

John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation,left, and Michael R. Kingston, senior Vice President and Chief Information Officer of the Neiman Marcus Group, take their seats on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, prior to testifying before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan, Patrick Leahy, Michael R. Kingston,

Senate Judiciary Committee Chairman Sen. Patrick Leahy, D-Vt., left, greets Michael R. Kingston, senior Vice President and Chief Information Officer of the Neiman Marcus Group, right, as John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation watches at center, on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, prior to the executives testifying before the committee’s hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan

John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation testifies on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, before the Senate Judiciary Committee hearing on data breaches and combating cybercrime . (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan

John J. Mulligan, executive Vice President and Chief Financial Office of the Target Corporation is sworn-in on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, prior to testifying before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
John J. Mulligan, Michael R. Kingston

John J. Mulligan, executive Vice President and Chief Financial Office of Target Corporation, left, and Michael R. Kingston, senior Vice President and Chief Information Officer of the Neiman Marcus Group, are sworn-in on Capitol Hill in Washington, Tuesday, Feb. 4, 2014, prior to testifying before the Senate Judiciary Committee hearing on data breaches and combating cybercrime. (AP Photo/Pablo Martinez Monsivais)
Mark Warner

In this Monday, Feb. 3, 2014 photo, Sen. Mark Warner, D-Va., chairman of the Senate Banking Subcommittee on National Security and International Trade and Finance, displays his personal bank card as he leads a hearing on the recent incidents of mass credit card fraud in Washington. The hearing comes following the theft of consumers’ data at retailers such as Target Corp and Neiman Marcus during the holiday shopping season. (AP Photo/J. Scott Applewhite)
Prev 1 of 13 Next

WASHINGTON (AP) — An executive of Target Corp. said Tuesday the retailer has taken actions to shore up security following the massive breach of millions of consumers’ data during the holiday season.

But senators examining the issue at a hearing said even the most robust security systems can be vulnerable to cyberattack, and only the adoption by banks and retailers of more advanced technology for payment cards and processing systems will reduce fraud.

The Senate Judiciary Committee testimony by John Mulligan, executive vice president and chief financial officer at the No. 2 U.S. discounter, also revealed that Target discovered an additional 25 cash registers infected by malicious software on Dec. 18. The company had said earlier that it had removed all the malware from its system by Dec. 15.

Mulligan’s testimony was the first public appearance by a Target executive addressing the issue since the breach that occurred between Nov. 27 and mid-December. An estimated 40 million credit and debit card accounts were affected.

Among the actions the Minneapolis-based company has taken, he said, is a thorough review of its payment network with an eye to improving security, and issuing new credit or debit cards to customers requesting them.

Mulligan said Target is “deeply sorry” for the effect of the data theft on consumers, and he acknowledged that their confidence in the company has been shaken.

Sen. Patrick Leahy, D-Vt., the panel’s chairman, said the erosion of consumers’ confidence — with data breaches on the rise affecting retailers, Internet companies and others — could hinder the U.S. economy’s recovery.

The recent data hackings at Target, luxury retailer Neiman Marcus and arts-and-crafts chain Michaels Stores “compromised the privacy and security of millions of consumers,” Leahy said.

Senators pressed Mulligan and Michael Kingston, senior vice president and chief information officer at Neiman Marcus Group Inc., about how quickly they notified customers of the breaches.

Mulligan said Target executives were told on Dec. 12 by the Justice Department of suspicious activity involving payment cards. The company started an investigation, removed malware and publicly announced the data theft on Dec. 19.

A processing firm told Neiman Marcus of a problem on Dec. 13, and the company’s investigators made a report on Jan. 2, Kingston said. Customers were notified on Jan. 10. In mid-January, the investigators concluded that the malware plucking data from customer payment cards had been operating between July 16 and Oct. 30, Kingston testified.

An estimated 1.1 million accounts were affected.

Legislation authored by Leahy would establish a national standard for companies to follow in notifying consumers after a data breach.

Federal Trade Commission Chairwoman Edith Ramirez endorsed the proposal at the hearing, saying a federal law would help consumers mitigate potential harm from abuse of their personal data.

To prevent attacks, the banking and retailing industries have to adopt more secure technologies, members of the Judiciary panel said. The banks plan to put digital chips for storing account information on debit and credit cards by the fall of 2015. Compared with the current magnetic strips, it’s a system that typically makes data theft harder and is common in other countries.

What is needed, senators said, are both digital chips and a personal identification number (PIN) for each debit or credit card transaction, instead of a signature. Experts say it’s harder for criminals to steal personal identification numbers than to forge signatures.

“What is stopping us from moving to this kind of technology?” asked Sen. Amy Klobuchar, D-Minn. “What’s stopping our country when they’re doing this in Europe?”

Mulligan said Target favors a switch to chips and PINs for payment cards, and is willing to spend money to install systems for processing them, but the banking industry hasn’t embraced such a move. “All of us need to move together simultaneously. It’s a shared responsibility.”

Sen. Richard Blumenthal, D-Conn., said the retail and banking industries “have a lot of soul-searching to do about whether they’ve been protective of consumer information.” Stiffer federal penalties for retailers to encourage them to strengthen their data security are needed, he said.

Related Articles