Dear Target Guests (because you are more than customers to us),
As you have probably heard, Target learned in mid-December that criminals forced their way into our systems (they used so much force that it took us a couple of weeks to see their muddy footprints). As a part of the ongoing forensic investigation (we are using a very expensive, rare breed of electronic bloodhound), it was determined last week that certain guest information, including names, mailing addresses, phone numbers or email addresses, were also taken (the next time you shop at Target, you may want to show up buck naked so you don’t lose anything else).
Our top priority is taking care of you and helping you feel confident about shopping at Target (how are we doing so far?), and it is our responsibility to protect your information when you shop with us.
We didn’t live up to that responsibility, and I am truly sorry (how do you say ‘sorry’ 70 million times?).
Please know that we moved as swiftly as we could to address the problem once it became known (our lawyers told us to add that last part), and that we are actively taking steps (not aggressively, just actively) to respond to your concerns and guard against something like this (maybe lightning hitting all of our stores simultaneously) happening again. Specifically, we have:
1. Closed the access point that the criminals used (barn door number 63845—that was a tricky one to close because we had to find it first) and removed the malware they left behind (we think we got it all—stay tuned for our next apology).
2. Hired a team of data security experts to investigate how this happened (we had a bit of a hard time finding experts whose personal data had not been compromised while shopping at Target). That effort is ongoing and we are working closely with law enforcement. (At least they told us they were law enforcement—they had mustaches and Ray-Bans).
3. Communicated that our guests will have zero liability for any fraudulent charges arising from the breach. (However, they will not be reimbursed for all their time trying to reach us on the phone or the damage done by letting their private data reach the black market. Ain’t life a bitch?)
4. Offered one year of free credit monitoring and identity theft protection to all Target guests so you can have peace of mind (this is just a figure of speech—actual peace of mind is not included in this offer).
In the days ahead (please don’t pin us down), Target will announce a coalition to help educate the public on the dangers of consumer scams (because even though it’s our fault, we’d like you to take some responsibility here). We will also accelerate the conversation—among customers, retailers, the financial community, regulators and others—(you know, like the conversation we’re having about helping out those poor Bangladeshis who died making your clothes) on adopting newer, more secure technologies that protect consumers. (Technologies that you will trust us to keep out of the hands of criminals.)
I know this breach has had a real impact on you, creating a great deal of confusion and frustration (but it’s a cakewalk compared to the mess that Target is in). I share those feelings. You expect more from us and deserve better (but you’re actually lucky we care enough to spend all this money taking out ads in major papers to apologize to you).
We are determined to make things right, and we will. (We’re speaking about this recent breach. The next breach we will also make right. After that, you will simply shop at Target because you need our stuff.)
Gregg Steinhafel, chairman, president and chief executive officer, Target. (Look! I have three jobs. Maybe that’s the problem.)