By Lauren Pollock
Target Corp. named a veteran U.S. government adviser to lead its
technology team following a massive data breach last year that
enabled one of the largest credit-card thefts in corporate
history.
Bob DeRodes, who was formerly a senior information technology
adviser for the U.S. Department of Homeland Security, Secretary of
Defense, and the Justice Department, will become Target's chief
information officer, effective May 5.
Target also said it would switch its credit-card vendor to
MasterCard Inc. from longtime partner Visa Inc. as part of its
migration next year to the more secure cards that contain computer
chips. Target will use MasterCard's so-called chip and pin
technology on both its store branded debit and credit cards, the
latter which had carried the Visa logo.
Target's data breach, in which 40 million credit- and debit-card
numbers were stolen in the weeks before the year-end holidays, is
one of several retailer data thefts that have come to light in
recent months.
The company disclosed in January that hackers had stolen such
personal information as addresses and telephone numbers of up to 70
million customers. Target later said it found that at least 12
million shoppers had both their credit-card and some personal
information stolen and the overlap is likely greater.
Former Chief Information Officer Beth Jacobs resigned in early
March and was the first high-profile executive to depart after the
breach.
Mr. DeRodes' responsibilities will include oversight of the
Target technology team and operations, along with the ongoing data
security enhancement efforts and the development of Target's
long-term information technology and digital roadmap.
The company is continuing its search for a chief information
security officer, which would be a new position, and a chief
compliance officer.
"Establishing a clear path forward for Target following the data
breach has been my top priority," Chief Executive Gregg Steinhafel
said in a prepared statement. "I believe Target has a tremendous
opportunity to take the lessons learned from this incident and
enhance our overall approach to data security and information
technology."
Target said last month that it was re-examining why its
data-security team missed signs that hackers were inside its system
and has plugged some critical security gaps.
Target has said the hackers appeared to have first entered its
system on Nov. 12, 2013, more than a month before the discount
retail chain's investigators concluded that a breach had
occurred.
Among the other companies that have disclosed data breaches in
recent months are retailers Michaels Stores Inc. and Neiman Marcus
Group. Meanwhile, AOL Inc. on Monday said it is investigating a
security incident involving unauthorized access to a significant
number of user accounts, and Microsoft Corp. said Sunday that it
had discovered a flaw in versions 6 through 11 of its Internet
Explorer Web browser, as well as "limited targeted attacks" to
exploit the flaw.
Write to Lauren Pollock at lauren.pollock@wsj.com
Subscribe to WSJ: http://online.wsj.com?mod=djnwires