Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

KickerFeaturesTopicsCommercial LawTechnology Media and TelecomSectionsNewsLJN Newsletterse-Commerce Law & Strategy

<i>Online Extra</i>Cost of Target Data Breach: $61M ' So Far

By Andrew Ramonas
February 27, 2014

The recent massive data breach at Target Corp. so far has saddled the retail giant with a $61 million tab ' one that could rise in the future, the company said on Feb. 26.

An insurance payment left Target with only $17 million of net expenses from legal assistance, identity-theft protection and other services the company procured after the personal information of as many as 110 million customers was exposed to hackers during the holiday shopping season last year. But in its fourth-quarter earnings report, the Minneapolis-based retailer braced investors for the potential of more costs to come from the cyberattack.

Target didn't estimate future breach expenses. The company, however, said the breach could have a “material adverse effect” on its results of operations in the following months and years. Its future costs could include expenses from litigation, government investigations and card reissuance, the retailer said.

Target's Q4 report, which was the first such report since the retailer acknowledged the breach on Dec. 19, showed that the company posted a net profit of $520 million, a 46% drop from 2012.

Gregg Steinhafel, Target's chairman, president and chief executive officer, said in a written statement that “results softened meaningfully” after the digital attack became public.

“As we plan for the new fiscal year, we will continue to work tirelessly to win back the confidence of our guests and deliver irresistible merchandise and offers, and we are encouraged that sales trends have improved in recent weeks,” he said.

Target's earnings report came a week after'the Credit Union National Association and Consumer Bankers Association reported'that its members racked up more than $200 million on replacing payment cards after the data breach. The trade groups didn't estimate money spent on addressing fraudulent activity, but adding in those expenses would make the total cost of the cyberattack “much higher,” according to the associations.

Andrew Ramonas'writes for'Corporate Counsel, an ALM sibling of'e-Commerce Law & Strategy.

The recent massive data breach at Target Corp. so far has saddled the retail giant with a $61 million tab ' one that could rise in the future, the company said on Feb. 26.

An insurance payment left Target with only $17 million of net expenses from legal assistance, identity-theft protection and other services the company procured after the personal information of as many as 110 million customers was exposed to hackers during the holiday shopping season last year. But in its fourth-quarter earnings report, the Minneapolis-based retailer braced investors for the potential of more costs to come from the cyberattack.

Target didn't estimate future breach expenses. The company, however, said the breach could have a “material adverse effect” on its results of operations in the following months and years. Its future costs could include expenses from litigation, government investigations and card reissuance, the retailer said.

Target's Q4 report, which was the first such report since the retailer acknowledged the breach on Dec. 19, showed that the company posted a net profit of $520 million, a 46% drop from 2012.

Gregg Steinhafel, Target's chairman, president and chief executive officer, said in a written statement that “results softened meaningfully” after the digital attack became public.

“As we plan for the new fiscal year, we will continue to work tirelessly to win back the confidence of our guests and deliver irresistible merchandise and offers, and we are encouraged that sales trends have improved in recent weeks,” he said.

Target's earnings report came a week after'the Credit Union National Association and Consumer Bankers Association reported'that its members racked up more than $200 million on replacing payment cards after the data breach. The trade groups didn't estimate money spent on addressing fraudulent activity, but adding in those expenses would make the total cost of the cyberattack “much higher,” according to the associations.

Andrew Ramonas'writes for'Corporate Counsel, an ALM sibling of'e-Commerce Law & Strategy.

Read These Next
Major Differences In UK, U.S. Copyright Laws Image

This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

Legal Possession: What Does It Mean? Image

Possession of real property is a matter of physical fact. Having the right or legal entitlement to possession is not "possession," possession is "the fact of having or holding property in one's power." That power means having physical dominion and control over the property.

The Stranger to the Deed Rule Image

In 1987, a unanimous Court of Appeals reaffirmed the vitality of the "stranger to the deed" rule, which holds that if a grantor executes a deed to a grantee purporting to create an easement in a third party, the easement is invalid. Daniello v. Wagner, decided by the Second Department on November 29th, makes it clear that not all grantors (or their lawyers) have received the Court of Appeals' message, suggesting that the rule needs re-examination.