2013 Target Data Breach: Description and Solutions
Target is a firm that excels in providing customers with goods that adhere to their needs and spending price ranges. With increasing competition and modernization of the shopping process, Target has collected, utilized, and stored substantial user and client data. While this eases a number of processes that come with a digital presence in product sales, it may also make firms and clients vulnerable to data breaches. This was an issue that occurred in 2013, and Target responded with a variety of solutions, some of which were well implemented while others could have benefited from alternative approaches.
The main issue faced by Target during its operations included a tarnishing of its reputation due to a large data breach. During the fourth quarter of the business year, Target acknowledged that a criminal breach had allowed external parties to have access to the debit and credit information of over forty million customers (Hoffman & Gold, 2016). Later in 2014, it was also revealed that even email addresses, personal information, and mailing addresses had been susceptible to the breach. Immediately following this, Target sales had decreased significantly, and the willingness of customers to join programs such as REDcard was incredibly low.
Data breaches that affect such a large population of clients have the potential to deal detriment to the firm as well as to the personal lives of those affected. As such, there are a number of solutions that could have been implemented in Target’s situation. Client’s who have been adversely affected should be compensated, and all newly joining clients should be offered alternative benefits until safety measures are sufficient. Following this, new security protocols and methods can be provided company-wide. Frequent analysis should be performed in order to maintain the security and the trust of customers.
Target’s initial response consisted of investing 5 million dollars in better security measures and services that provided clients with credit-card monitoring. In March 2015, Target settled and paid clients who were victimized by the breach a total of 10 million dollars in settlements. Each client adversely affected had received an approximate amount of 10,000 dollars each. Target had successfully implemented new security measures and met the needs of the victims of the breach. Additionally, they offered year-long credit card monitoring and protection from identity theft as a form of evaluation and maintenance of their safety changes.
Areas in Need of Improvement
Despite the positive changes and offered assistance to the victims of the breach, there are still areas in which Target could improve its approach to such events. The protection of their clients’ livelihood should have been prioritized, but Target’s settlement had come more than a year after the breach was made public. Similarly, new clients were accepted too quickly while the branch’s effects were still prevalent. As such, the priorities and timing of the solutions implemented by Target were not entirely in line with the demands of their customers and stakeholders and therefore did not leave everyone satisfied.
As such, while the data breach was handled effectively by Target, the time it took them to meet the needs of the victims of the breach was not as adequate. In the case that a similar event occurs, Target must prioritize the security of its clients’ information before moving to implement new security measures and features. Overall, Target was able to deter the widespread effects of the breach, but a certain number of clients were still affected.
Hoffman, A. N., Gold, N. (2016). Target Corp’s tarnished reputation: Failure in Canada and a massive data breach. Erasmus University. Web.