On February 22, 2014, I received a physical letter from President of Target's Financial and Retail Services, Scott Kennedy, that outlines Target's committment to its cardholders. I sympathize with Target; I really do. They didn't ask for this to happen to them or their customers. It's a sad and sick thing that it did happen. However, it is a wake up call to businesses to be more vigilant and to take more preventative care in managing their assets.
The Letter from Scott Kennedy:
I personally want to thank you for being a REDcard holder and valued Target guest. Your loyalty to Target is important to us, and I sincerely apologize for any worry, disruption or frustration you have experienced due to the recent data breach.
Rest assured, protecting your information is of utmost importance to us, so I want you to know what we will be doing in the weeks and months ahead to guard against something like this happening again.
Target is committed to help drive an industry-wide move toward adopting chip-enabled smart cards that significantly enhance protection for card users. Since the data breach, we are accelerating our own $100 million investment to put chip-enabled technology in place. Our goal is to implement this technology in our stores and on our REDcards by early 2015, more than six months ahead of our previous plans.
Additionally, I want to remind you about several important facts regarding your REDcard:
- To date, we have seen no fraud on our Target store credit cards due to this breach. And we have only seen a low amount of additional fraud on our Target Visa credit cards.
- You have zero liability for any fraudulent charges. You should continue to watch your account and promptly report any suspicious charges to us.
- For additional peace of mind, we have made it very easy for you to monitor your card activity by visiting Target.com/rcam.
- Target is offering all our guests one year of free credit monitoring and identity theft protection through Experian (you may request an activation code at creditmonitoring.Target.com before April 23, 2014).
Once again, I want to thank you for your patience and support. Your trust and providing a great guest experience have been foundations of our success for decades. I want you to know our stores are safe and secure, and you can shop again with confidence at Target.
Scott Kennedy (signature)
President, Target Financial and Retail Services
It's hard to see a positive light, when you've been the victim of a hack but if you look at this as a learning experience, it's actually quite valuable. And Target is using this experience as a learning tool.
First, I want to say that I'm a loyal Target customer and a loyal REDcard holder. I changed my password immediately upon hearing of the hack and I watch my balance and statement thoughtfully for any unauthorized purchases. Second, Target is a brand I believe in and trust. I have no affiliation with their company other than being a customer. Third, Target is taking this seriously with their new security efforts.
Target's $100 million initiative to adopt chip-enabled technology is substantial. I think that Target customers should show our good will and each donate $1 toward this effort. One dollar per customer affected is about what this breach is costing Target. I'm not joking about the $1 donation. I think it would show our support as customers and individually it's a small price to pay for enhanced security. Collectively, $100 million is a lot of burden to bear, even for a global concern like Target.
Here's one reason why I feel the way I do about Target:
A few years ago, my wife, my daughter and I were in the Super Target store near 71st and Highway 169, here in Tulsa. Just as we were making our way through the checkout line, a Target employee, perhaps a manager, announced that there was a serious storm approaching and we were encouraged and invited to take cover in the bricked in area near the front of the store. We did just that. There were at least 100 customers crammed into the offices, training rooms, and other Employee Only areas of the store.
At least one Target employee listened to a live weather broadcast and reported to us periodically over the course of 30 minutes or more that we were in there. Other employees risked themselves to watch the parking lot for incoming customers and to keep an eye on the storm for us.
First, I've never had that experience before in any store. Second, the Target employees were trained to care for us. Third, they gave us, the customers, the fortified space for protection, instead of themselves.
Fortunately, the store, its customers, and its employees were all safe that day. They acted selflessly and quickly for our benefit.
In my humble opinion, this does not sound like a selfish, self-serving, cold corporate monster that doesn't care for its customers. They, again in my opinion, had no obligation to do what they did for us.
Target is a business that's made up of people. They're in business to make a profit. That's what businesses do. Target didn't ask for this hack nor should it be held to any higher standard or roasted by the media for it. Such hacks have happened to government sites, retail sites, and all types of organizations and businesses.
The people who should be held accountable are the hackers themselves as well as those who purchase the information obtained in these breaches. Target has a responsibility to do due diligence in protecting its customers from fraud, theft, and data compromise. But there's a limit to that protection as well. I don't believe Target's reputation should be tarnished by this breach nor do I believe that it should have to shave off $100 million in profits for new technology.
- Cyphort says its ATD suite detects Target malware variants
- How hackers stole millions of credit card records from Target
- Target hackers hit air-conditioning firm first as a way in
- More card-stealing malware found
- Target traces security breach to stolen vendor credentials
- Many times bitten, retailers scramble to prevent another Target-like meltdown