Washington Gets Involved in Target’s Security Breach Investigation
Nearly one month after Target (NYSE:TGT) initially alerted customers of its possible security theft affecting more than 40 million debit and credit cards, it is clear that lawmakers are ready to get involved. According to Reuters, Democratic lawmakers called for a congressional inquiry into the Target security breach Monday, and the request came just days after Senate Democrats made a similar move the week before.
Democratic lawmakers’ request Monday asked the Financial Services Committee of the U.S. House of Representatives to look into the breach that resulted in the theft of about 40 million credit and debit records, and 70 million other records with customer information. Seventeen committee Democrats, led by ranking member Maxine Waters, wrote a letter to the committee’s Republican Chair, Jeb Hensarling, and requested a “full Financial Services Committee hearing,” hoping that the hearing will review current consumer protection laws and determine what can be done in the future to avoid compromises of consumers’ card information.
It is not expected that the reviews will result in any kind of action or legislation on the part of Target, but lawmakers still want to ensure that consumers are protected sufficiently, and Hensarling maintained in a statement Monday, “It is incumbent upon our Committee to explore whether industry data protection standards are appropriate, and examine whether heightened regulatory standards are needed to more effectively protect customers.”
Hensarling said that the House Financial Services Committee will hold hearings on the security of information, and Senate Banking Committee Leaders have confirmed that they, too, plan to hold hearings in late January after fielding requests from Senate Democrats last week. Target officials may be brought to Washington to explain the handling of the case, but no action on their part is necessarily expected, as the Minneapolis, Minnesota-based retailer certainly isn’t the only company which has suffered large-scale security breaches, and it is also probably not the last.
Reuters reported Monday that another retailer, Neiman Marcus, also disclosed on Friday that it may have suffered a breach in mid-December, and an outside forensics firm confirmed a breach on January 1. Connecticut, the leader of Target’s investigation, is also now looking into the Neiman Marcus matter, and state officials say that New York and Illinois are also investigating the Neiman Marcus breach.
It has been a rocky start to 2014 for No. 3 U.S. retailer Target, and although the company has continued to issue investigation progress reports and provide details for how it plans to forge ahead in the future, not all of its updates are positive. Target had more bad news to share Friday when the company announced its determination that certain customer information was taken during the data breach that is separate from the payment card data already disclosed. The newly unveiled theft is not considered a new breach, but it still compromised names, mailing addresses, phone numbers, or email addresses of up to 70 million people.
Moving forward, Target is now planning on contacting affected customers and providing them with information to help guard them against scams. Customers will have zero liability for the cost of any fraudulent charges resulting from the breach, and Gregg Steinhafel, president and CEO of Target, said on Friday via a statement that, “I know that it is frustrating for our guests to learn that this information was taken and we are truly sorry they are having to endure this. I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team.”
Following the weekend, Steinhafel offered similar promises and told CNBC TV Monday. “We’re going to get to the bottom of this. We’re not going to rest until we understand what happened and how that happened.”