Skip to content

It looks like we may have content for your preferred language. Would you like to view this page in English?

Many Lessons for Companies to Learn After the Target Data Breach

The red bull’s-eye. Even shoppers that don’t frequent Target know the retailer’s ubiquitous logo. But what many holiday shoppers — both loyal Target customers and casual visitors to the store — didn’t realize until too late was that swiping their credit and debit cards at Target registers painted another kind of bull’s-eye — this one on their backs.

In mid-December, a security researcher and technology blogger revealed that, around the time of Black Friday, Target had suffered a massive data breach “potentially involving millions of customer credit and debit card records” and leaving those customers at risk for fraud and identity theft. 

Caught off guard by this public outing, the company scrambled to control the situation on multiple fronts, investigating the breach, dealing with panicked customers and managing the mounting PR crisis.

This article is the first in a two-part series analyzing the Target data breach. This piece analyzes Target’s missteps in handling the breach and offers some suggestions for how companies should handle data breaches such as these.