Target's data breach tab mostly covered by insurance so far

Target's data breach related expenses in the fourth quarter were $61 million, but $44 million was covered by insurance. The company said it doesn't have a read on costs going forward.

Target said that its costs related to its data breach so far were $61 million, but $44 million of that tab was covered by insurance. Meanwhile, the retailer said it can't predict future costs, but is working to restore customers' confidence in the company.

target logo

The retailer disclosed the costs in its fourth quarter earnings. Target's net costs so far are $17 million.

According to Target, the expenses so far revolve around the data breach investigation, credit monitoring services for customers, more call center staff, legal counsel and fraud losses and card replacements for the company's REDcard.

Previously:  How hackers stole millions of credit card records from Target  |  Target hackers hit air-conditioning firm first as a way in Target's data breach: It gets worse  |  Many times bitten, retailers scramble to prevent another Target-like meltdown  |  Visa CEO: We need better security, EMV chips, tokens

Special Feature

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. When we look back a decade from now, we expect this to be the biggest story of 2013. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices.

Read More

In December and January, Target took a series of hits. Target first disclosed that 40 million accounts were hit in a breach and then said 70 million more were impacted. Target also warned that its fourth quarter sales would fall short.

On a conference call, Target CEO Gregg Steinhafel said the company put "the welfare of our guests at the center of every decision we've made." Steinhafel acknowledged that restoring confidence in Target will take time and that "this incident and recent security breaches at other companies have shaken their confidence in both Target and the U.S. payment system more broadly."

Steinhafel said the company is working with experts to analyze processes, systems and personnel to boost security. He also urged better payment technology such as the chip and pin system used in Europe.

He added:

We are accelerating the adoption of advanced chip enabled technology, investing more than $100 million to equip our stores and to issue Target branded smart chip credit and debit cards. We have long supported this more secure technology but broad adoption in the U.S. market has been elusive. We believe that recent events will help the industry to reach a tipping point towards accelerated option in the US and we are investing to ensure that Target is a clear leader in driving this change.

Overall, Target's fourth quarter results and outlook were a mixed bag. The company's profits were 46 percent lower than a year ago, but its outlook wasn't as bad as analysts had feared. One wrinkle is that Target has no idea how the data breach will hit future profits.

In its earnings statement, Target noted that it couldn't predict future costs from the data breach. Target "is not able to estimate future expenses related to the data breach" and costs "may have a material adverse effect on Target’s results of operations in first quarter and full-year 2014 and future periods."

The company reported fourth quarter earnings of $520 million on sales of $21.5 million, down 3.8 percent from a year ago. Same store sales in the quarter were down 2.5 percent and the bulk of the decline came after Target disclosed the data breach Dec. 19.