Gregg Steinhafel has resigned as CEO of Target, which makes him the latest casualty of the retail giant’s major data breach.

The widely watched data breach exposed personal information of some 110 million customers late last year.

In a statement released by the Target board, Steinhafel – who had spent 35 years at the company, serving as CEO since 2008 – “held himself personally accountable” for the data breach.

The CEO’s departure comes after “extensive discussions” between the board and Steinhafel.

“Now is the right time for new leadership at Target,” according to the board’s statement.

John Mulligan, Target’s chief financial officer, was named as interim president and chief executive officer. Also, Roxanne S. Austin, a current member of Target’s board of directors, was named interim non-executive chair of the board.

Permanent replacements will be named later, and Steinhafel will remain in an “advisory capacity” during the transition period.

“We are grateful to him for his tireless leadership and will always consider him a member of the Target family,” the board statement added about Steinhafel.

Korn Ferry was retained by Target to help in the CEO search.

In addition, Target has named Bob DeRodes as its new chief information officer. It also wants a new chief information security officer and chief compliance officer, according to a report from The Los Angeles Times.

Target is a major retail company, and has 1,789 stores in the United States and 127 stores in Canada.

Steinhafel’s departure demonstrates how important it is for companies to prepare for CEO exits. Details about the departure agreement for Steinhafel were not released. Steinhafel is likely to get a severance payment, but Target has “not made a final determination on other compensation-related aspects of Mr. Steinhafel’s departure,” ABC News reported citing board sources.

Overall, selecting the chief financial officer as an interim replacement for the outgoing CEO makes sense for a retail company.

Also, a sudden CEO exit can negatively impact share prices, according to InsideCounsel. Target’s stock dropped about 3 percent Monday after it was announced Steinhafel resigned.

After the Target breach, there have been calls that the current magnetic stripe and signature system be replaced with a “Chip and PIN” system, using the EMV computer chip—named after EuroPay, MasterCard and Visa. It encrypts payment information. In addition, many members of Congress have focused their attention on data security and data breaches – following the incident at Target. Hearings were held on preventing data breaches, improving data security standards, improving protection of consumers’ personal data, and providing more notice to consumers when a compromise takes place, InsideCounsel reported.


Further reading:


Data security gets more attention following Target breach

Boards need to prepare for CEO succession

Target’s cybersecurity event may have been preventable