Target CEO Gregg Steinhafel's resignation Monday as president, CEO and chairman of the Board of the company likely isn't a sign that boards of directors are now holding chief executives accountable for massive data breaches.
While some observers quickly linked Steinhafel's exit with the breach, his departure likely has more to do with Target's botched expansion in Canada, analysts said.
"The breach may have been the straw that broke the camel's back," said Avivah Litan, an analyst with Gartner. "But I can't imagine him taking the fall just because of the breach. The board probably wanted him to leave because of poor financial performance" in Canada, she said.
Target on Monday announced that Steinhafel stepped down as CEO, effective immediately. In a statement, the company said CFO John Mulligan was named interim president and CEO. Board member Roxanne Austin was named interim non-executive chair of the board, the statement said.
The company did not say why Steinhafel is leaving after 35 years at the company. Instead, the statement merely noted the challenges that Target faced in Canada last year, and the data breach.
"Today we are announcing that, after extensive discussions, the board and Gregg Steinhafel have decided that now is the right time for new leadership at Target," the statement read.
The announcement comes five months after Target disclosed a massive data breach that exposed the personal data stored on an estimated 100 million credit and debit cards.
The breach is expected to cost Target hundreds of millions of dollars in remediation, legal and other costs. The company has already blamed the breach for lower-than-expected earnings last year. It has also acknowledged that the incident has considerably damaged company's brand and reputation.
Litan noted that Target opened 124 stores in Canada in 2013 and said it would open another 10 this year. The rollout has so far been messy and costly, according to financial analysts.
Target's Canadian operations lost $941 million on revenue of $1.3 billion in 2013. Financial and retail analysts blamed the botched rollout on Steinhafel's decision to open so many new stores at once.
Retail analyst Rob Wilson of Tiburon Research Group said the breach only diverted attention from the massive problems the company was having in Canada.
"Sure the breach happened on Steinhafel's watch, but he reacted well and the CIO already was replaced," Litan said. "It's not common for CEO's to take the fall for a breach -- and in my opinion, the breach probably contributed to only 30 percent of why he had to go."
Pete Lindstrom, an analyst at IDC, predicted that Steinhafel's exit will do little to improve security at Target.
"You might be able to get more funding for security," in the near term. But replacing the CEO will do little change Target's risk profile, he said. "There is no good lesson to learn about the resignation. It is more likely to create extra overhead and superficial attention that to really address risk."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is [email protected].
Read more about security in Computerworld's Security Topic Center.