Printed from BusinessInsurance.com

Senators ask Target CEO for information on data breach

Posted On: Jan. 14, 2014 12:00 AM CST

(Reuters) — Two U.S. senators sought answers from the chief executive of Target Corp. as questions mounted in Washington about the company's response to the hacking of credit and debit cards of millions its customers during the holiday shopping season.

"We ask that Target's information-security officials provide a briefing to committee staff regarding your company's investigation and latest findings," said Sen. John Rockefeller, D-W.Va., chairman of the Senate Commerce Committee, and Sen. Claire McCaskill, D-Mo., who heads a Commerce subcommittee on consumer protection.

The Democratic senators' Jan. 10 letter to Target CEO Gregg Steinhafel was released on Tuesday, the latest in a series of calls for inquiries into the hacking of the No. 3 U.S. retailer.

Shortly afterward, the top Democrat on the Oversight and Government Reform Committee of the U.S. House of Representatives sought a hearing on the theft of about 40 million credit and debit card records and 70 million other records containing customer information.

Rep. Elijah Cummings, D-Md., said the committee's focus since October has been investigating the security of the federal government's health insurance website, HealthCare.gov, which has not been breached.

He urged the committee chairman, Rep. Darrell Issa, R-Calif., to turn his attention to Target.

"In addition to serving the interests of millions of American consumers affected by this breach, I believe the committee could learn from these witnesses about their failures, successes and best practices in order to better secure our federal information technology systems," Rep. Cummings wrote.

%%BREAK%%

Target disclosed on Dec. 19 that it was a victim of one of the biggest credit card breaches on record, which it said lasted for 19 days in the busy holiday shopping season through Dec. 15.

The company on Monday apologized for the breach.

"It has been three weeks since the data breach was discovered, and new information continues to come out," Sens. Rockefeller and McCaskill wrote. "We expect that your security experts have had time to fully examine the cause and impact of the breach and will be able to provide the Committee with detailed information."

The Target hacking shows the need for federal legislation on commercial data practices, the senators said.

Democratic lawmakers sought a congressional hearing on Monday from the Financial Services Committee. Its Republican chairman, Rep. Jeb Hensarling, R-Texas, said his panel will continue to hold hearings on the security of financial information and on how to protect personal consumer information.

"Americans have a right to expect that the personal information they turn over to private companies and government agencies will be protected and kept secure from loss, unauthorized access or misuse," Rep. Hensarling said in a statement.

Separately, an official with the House Energy and Commerce committee's majority Republicans said that one of its subcommittees has held numerous hearings on data breaches and that it was monitoring the Target situation but has taken no specific action.

The National Association of Federal Credit Unions sent letters on Monday to congressional leaders, demanding action on data security.

%%BREAK%%

Although congressional hearings would allow for an airing of grievances and could bring Target officials to Washington for questioning about how the case has been handled, they would not necessarily result in any action or in legislation.

Mr. Steinhafel told CNBC television on Monday: "We're going to get to the bottom of this. We're not going to rest until we understand what happened and how that happened."

A Target spokeswoman could not be immediately reached for comment.

Target shares were near steady at $61.55 in afternoon trading on the New York Stock Exchange.