The retailer is shaking up its information technology management team after last year’s massive cybertheft of customer data.
The chief information officer of Target Corp. has resigned as the retail giant overhauls its information security operations amid investigations into a major theft of customer data.
The Minneapolis-based company said Wednesday that it is searching for an interim executive to replace departed CIO Beth M. Jacob on what it described as a long-term, temporary basis.
In a statement Wednesday, Target Chief Executive Gregg Steinhafel described the search for an interim CIO as a “first step.”
“While we are still in the process of an ongoing investigation, we recognize that the information security environment is evolving rapidly,” Steinhafel said.
The company provided a copy of Jacob’s resignation letter, dated March 5, in which Jacob wrote, “This is a good time for a change.”
“This is a difficult decision after 12 rewarding years with the company I love,” Jacob wrote. “This is a time of significant transformation for the retail industry and for Target.”
Jacob, 52, of Medina, did not respond to phone messages Wednesday. Target declined requests for interviews.
Steinhafel outlined other changes to Target’s information security management in his statement. The company has created the position of chief information security officer and is hiring outside for that position. It has also started an external search for a chief compliance officer.
Additionally, Steinhafel said the company is working with an external adviser, Promontory Financial Group, to evaluate its “technology, structure, processes and talent.” Promontory, based in Washington, D.C., advises governments and companies on complex risk and regulatory matters.
The chief information security officer position is a new one for Target, a spokeswoman said. Brenda Bjerke, Target’s senior director for information protection, held some of the responsibilities of a chief information security officer, but was not a chief information security officer, she said.
Bjerke will remain with Target, the spokeswoman said. She said she didn’t know what Bjerke’s role would be.
The management shake-up is Target’s latest response to last year’s monster data breach in which cyberthieves made off with two sets of data, the debit and credit card information of about 40 million shoppers and the partial personal information, such as e-mail addresses, of about 70 million people.
The company doesn’t know how much overlap there is between the two breaches or how much of the personal information is repetitious or out of date, but the theft is one of the country’s largest recorded data security breaches.
While there have been relatively few reports to date of actual fraud stemming from the giant theft, the company faces potential fines and costly litigation over alleged negligence in protecting customer data.
Reporting year-end earnings last week, Target said it spent $61 million in the fourth quarter on costs related to the cybertheft, but expects insurance to cover $44 million of it. That number is expected to grow substantially.
Jacob, who holds an MBA from the University of Minnesota, joined Target predecessor Dayton’s in 1984 as a department store assistant buyer. She left in 1986 and returned to Target in 2002 as director of customer contact centers. In 2008 she became CIO and executive vice president of Target Technology Services.
Reporting to Steinhafel, she oversaw operations in the United States and India, where Target runs a technology hub in Bangalore.
Critics have noted that she had deep operations experience but lacked an information technology background.