Please ensure Javascript is enabled for purposes of website accessibility
Free Article Join Over 1 Million Premium Members And Get More In-Depth Stock Guidance and Research

Target Inc. Is Still a Liability Landmine

By Rich Duprey - Mar 19, 2014 at 9:46PM

You’re reading a free article with opinions that may differ from The Motley Fool’s Premium Investing Services. Become a Motley Fool member today to get instant access to our top analyst recommendations, in-depth research, investing resources, and more. Learn More

There's more fallout to come from the retailer's data breach incident

Three months have passed since the massive data breach at Target ( TGT 0.84% ) ended, and though the retailer continues to plug away, investors should be cautious treading here, because there's still a massive liability IED waiting to detonate -- and it could blow up anytime now.

As is all too well known now, for several weeks in November and December, hackers had free rein to access, steal, and sell sensitive customer data before being discovered and shut down. Some 40 million people -- and possibly as many as 110 million -- were potentially compromised (I should know -- I was one of them). What is only just coming to light, however, is the extent to which all of this was preventable. And because of that, Target's liability in this financial and public-relations disaster is as yet incalculable.

Stuff happens. Hackers will hack, and every level of defense erected will eventually be overcome. From Target to Wal-Mart and J.C. Penney to BJ's Wholesale Club, all their systems have been hacked at one time or another. Even AT&T had an incident years back, and though it's unpleasant and corporations need to implement industry best practices to protect their customers' data, we almost willfully acknowledge that at some point we may see our information compromised. Call it a hazard of doing business in the modern digital age.

What we don't sign onto, however, is a company cavalierly handling our data, or being more concerned about how its reputation will look instead of rectifying the problem. TJX ( TJX 0.63% ) was taken to task several years ago, when it suffered a data breach and waited a whole month before notifying customers, costing the retailer more than $100 million in investigation costs, security system upgrades, customer communications, and legal fees, as well as some $1.6 billion over the lifetime of the case.

If reports are true, the extent to which Target's hack attack was preventable means it could be paying an even bigger price tag, with estimates running into the billions of dollars. According to a Bloomberg Businessweek report last month, the retailer had installed a warning system to alert it for just such a breach, and the FireEye ( FEYE -1.41% ) system worked as designed: It signaled the presence of malware and which servers the hackers had infiltrated. Only problem was, Target ignored them. Time after time, FireEye alerted the retailer to what was happening, and again and again it turned a blind eye toward them.

What's more, it wasn't the sophisticated hack job Target and law enforcement officials originally indicated. Rather, Intel's ( INTC -0.51% ) McAfee subsidiary says it was really an unsophisticated "'off-the-shelf' exploit kit" that could be easily caught and protected against. Target admits its software logged the information, but ultimately the retailer "determined ... it did not warrant immediate follow-up." Yeah, not good.

In its annual filing with the SEC, Target admits its liability will be determined by how culpable it's found to be in these attacks and it expects the credit card companies will all be pointing their fingers at the retailer.

While that portion of our network was determined to be compliant by an independent third-party assessor in the fall of 2013, we expect the forensic investigator working on behalf of the payment card networks to claim that we were not in compliance.

Target is worried that the real fallout will be in the hit it takes to its reputation and on whether customers will trust using its REDcards Rewards loyalty program. Anecdotal evidence suggests customers remain wary, and as the program drives meaningful incremental revenues for the retailer, it says it's already witnessed a significant decline in sales after the attack, though it can't determine whether it will be a sustained drop or a long, drawn-out affair. 

Because it's already spent $61 million as a result of the data breach, and with a potential total liability in the billions, Target's foot is poised just above a landmine. Shares in the retailer bounced 10% from the lows it hit on Feb. 1, but this data breach incident is not over yet, and it's a gamble to bet it won't explode on the hope that consumers have short memories.

This article represents the opinion of the writer, who may disagree with the “official” recommendation position of a Motley Fool premium advisory service. We’re motley! Questioning an investing thesis – even one of our own – helps us all think critically about investing and make decisions that help us become smarter, happier, and richer.

Invest Smarter with The Motley Fool

Join Over 1 Million Premium Members Receiving…

  • New Stock Picks Each Month
  • Detailed Analysis of Companies
  • Model Portfolios
  • Live Streaming During Market Hours
  • And Much More
Get Started Now

Stocks Mentioned

Target Corporation Stock Quote
Target Corporation
$247.57 (0.84%) $2.07
Intel Corporation Stock Quote
Intel Corporation
$49.25 (-0.51%) $0.25
The TJX Companies, Inc. Stock Quote
The TJX Companies, Inc.
$70.69 (0.63%) $0.44
FireEye, Inc. Stock Quote
FireEye, Inc.
$16.09 (-1.41%) $0.23

*Average returns of all recommendations since inception. Cost basis and return based on previous market day close.

Related Articles

Motley Fool Returns

Motley Fool Stock Advisor

Market-beating stocks from our award-winning service.

Stock Advisor Returns
S&P 500 Returns

Calculated by average return of all stock recommendations since inception of the Stock Advisor service in February of 2002. Returns as of 12/05/2021.

Discounted offers are only available to new members. Stock Advisor list price is $199 per year.

Our Most Popular Articles

Premium Investing Services

Invest better with the Motley Fool. Get stock recommendations, portfolio guidance, and more from the Motley Fool's premium services.