When lawmakers summoned Target Corp. to Capitol Hill after the retailer's stunning data breach, it was CFO John Mulligan the company dispatched for the grilling.
Mulligan served as the face of Target for this winter's breach proceedings, striking an apologetic tone and vowing to improve the company's data security. Chief Executive Gregg Steinhafel, the man in charge, stayed away.
Now, with Steinhafel's exit last week, Mulligan is at the helm of the nation's No. 2 retailer. Company watchers call him a natural choice to help stabilize the Minneapolis-based company as it hunts for a permanent CEO.
Former Target executive Jerry Storch, head of Storch Advisors in Minneapolis, called Mulligan "smart and practical."
"He has a calm, reassuring style," Storch said.
Brian Yarbrough, consumer analyst at Edward Jones & Co., said Mulligan "knows the business."
Installing Mulligan, 48, as interim CEO should give Wall Street some measure of calm as the Minneapolis-based retailer casts a wide net for a CEO who will face a substantial repair list, not the least of which is fixing huge losses on its expansion in Canada.
A numbers guy who rose through Target's finance ranks, Mulligan is accustomed to fielding tough questions from investors and industry analysts. And he's as easy in person as Steinhafel can be awkward in public speaking, Target watchers say.
Mulligan lives in Shoreview, and spent much of his childhood in Eau Claire, Wis., graduating from the University of Wisconsin in 1988.
Longtime friend Anthony Bourget, a patent and trademark lawyer in Eau Claire, Wis., called Mulligan "a genuine leader type of guy." Bourget said Mulligan impressed his teachers at Regis Catholic Schools as inquisitive, humble and intelligent. The old Eau Claire crowd remains fairly tight, he said.
Mulligan worked as a senior design engineer at Kleenex maker Kimberly-Clark Corp. and senior project engineer at Waldorf Corp. in St. Paul before earning an MBA from the University of Minnesota in 1996.
That was the year Mulligan joined Target as a financial analyst, eventually working his way up to director of Target.com finance in 2003. He held a variety of other posts before being picked to replace retiring CFO Doug Scovanner in April 2012.
Capitol Hill appearances
Though he is a familiar face for Wall Street analysts who track the cheap-chic retailer, Mulligan was relatively unknown to the general public before heading to Washington in February to testify at a Senate Judiciary Committee hearing.
There, a contrite Mulligan described how the Justice Department alerted Target on Dec. 12 to suspicious activity involving payment cards used at its stores. He talked about how the company removed the malware and opted for broad public disclosure via the media, rather than e-mailing or phoning customers to notify them of the breach. He defended the company's efforts to secure its networks.
"Over the past several years, we have invested hundreds of millions of dollars in several areas — in technology to prevent data loss," Mulligan testified. "This includes segmentation, malware detection, intruder detection and prevention, data-loss prevention tools, multiple layers of firewalls."
Mulligan hit the apology note hard.
"He was a good witness for the company, and I appreciated his candor," said Sen. Al Franken, a member of the committee. "You could tell he felt genuinely sorry for what had happened. It was also clear that he took the responsibility to protect Target's customers' data very seriously."
It was the first of three Capitol Hill hearings Mulligan would testify at. In March, before another committee, he had to address a Senate "Kill Chain" analysis that accused Target of missing multiple opportunities to thwart the attack on its systems. Those included alerts from its own anti-intrusion software in November, weeks before the Justice Department alerted Target to a card fraud problem.
Mulligan said then that the company was asking "hard questions" about what it could have done differently.
"In particular," he said, "we are focused on what information we had that could have alerted us to the breach earlier, whether we had the right personnel in the right positions and ensuring that decisions related to operational and security matters were sound."
Mulligan reiterated that the company first identified malware on Dec. 15.
Aiming to spur change
Target declined repeated requests from the Star Tribune to interview Mulligan, but he has told other media outlets that he doesn't want the CEO job permanently. He also has made it clear that he plans to spur change and improve financial results.
"As an interim CEO, I am not simply keeping the ship afloat," he said in a Q&A posted last week on Target's website. "We need to accelerate our growth, and that means we all have to move faster and empower the people around us to do the same."
Yarbrough, at Edward Jones, called Mulligan's talk about acceleration a big positive.
"I think the board is probably giving him some leeway," he said. "It can take six to eight months to bring somebody new in."
In a note to investors Monday, analysts at Janney Capital Markets called Mulligan a solid "caretaker" and said the retailer needs someone who can reinvigorate "a great, if tarnished brand."
"Target needs a turnaround specialist," the analysts wrote. " Someone who could re-energize a workforce that has been demoralized by bad news, and make tough and quick decisions regarding a variety of strategies that need review at the company."
Staff writer Patrick Kennedy contributed to this report.
Jennifer Bjorhus • 612-673-4683