If Gregg Steinhafel has taught us anything, it’s that security is paramount. Steinhafel, the former President, Chair, and Chief Executive of Target Corp. (NYSE:TGT) resigned from his post on May 5, a direct result of a cyber security breach suffered between November 28 and December 15 of last year. Approximately 40 million payment card records and 30 million other records were compromised during the breach, making it one of the largest in history. The fallout from the breach was so severe that it was no other head except Steinhafel’s that could have rolled.
Steinhafel’s resignation left an interesting question on the table: where does the buck stop when it comes to data security? In a press release regarding his departure, Target noted that Steinhafel “held himself personally accountable” for the data breach, but it’s not clear if people should expect this kind of accountability from a CEO in the information age. There are no sure bets when it comes to information security, and even strong, well-maintained security systems can be incomplete.
We were reminded of this on May 19 when LifeLock, Inc. (NYSE:LOCK), an identity theft prevention services company, reported that due to a security issue, it proactively removed its wallet app from app stores and deleted all user information store by the app. Chair and CEO Todd Davis was quick to open up communication, posting to the company’s blog to explain the issue and direct users with questions to the support team.
The market reacted by driving LifeLock stock down 17.57 percent to $10.70 at Monday’s close, the day the news was released. LifeLock is a fairly small company and the decline drove its market cap below $1 billion.