Target (TGT -0.36%) President and CEO Gregg Steinhafel resigned Monday, also stepping down as chairman of the board, mostly a casualty of the massive holiday-season data breach from which the retailer has yet to recover. Steinhafel -- a 35-year Target veteran -- has also faced declining profitability, mixed results in the company's expansion into Canada, and overall questions about his leadership. 

In the breach 40 million credit and debit card accounts were compromised between Nov. 27 and Dec. 15 and on Jan. 10 the company said hackers also stole personal information -- names, phone numbers, and email and mailing addresses -- from as many as 70 million customers. 

In a letter to the board of directors, posted to Target's website Monday, Steinhafel said, "The last several months have tested Target in unprecedented ways. From the beginning, I have been committed to ensuring Target emerges from the data breach a better company, more focused on delivering for our guests."

In many ways Steinhafel, who will stick around to aid in the transition, is just being a good company man, essentially taking the blame for the data security problems to shift it away from others. His departure was clearly negotiated -- it's possible he could have held onto his job had he dug his heels and fought, but that wouldn't have been best for Target.

"Today we are announcing that, after extensive discussions, the board and Gregg Steinhafel have decided that now is the right time for new leadership at Target," a company statement posted on its website Monday morning says.

Steinhafel fell on his sword for a data breach he was technically responsible for though it's hard to see how it's actually his fault. CEOs have been kept on after worse. But how you handle a crisis -- and how quickly you react -- plays a major role in whether a CEO keeps his job after something goes terribly wrong.

Bad business decisions can be fixed

In 2011 Netflix (NFLX 4.17%) CEO Reed Hastings made the disastrous decision to uncouple the company's digital streaming service from its DVD delivery service, which effectively was a massive price increase for customers. The company's subscribers reacted negatively with some leaving the service and others calling for Hastings' job -- which seemed entirely possible at the time. 

Though it took a little while longer than it should have, after the company lost 800,000 subscribers, Hastings apologized in a letter to shareholders.

"The last few months ... have been difficult for shareholders, employees, and most unfortunately, many members of Netflix," Hastings wrote in the letter. "We've hurt our hard-earned reputation, and stalled our domestic growth."

Hastings was not fired at least partially because he owned up to his mistake, and the company not only reversed its subscriber trend to build to more than 46 million customers, it rebuilt its relationship with its customers. According to the 2014 Harris Poll EquiTrend, which assesses more than 1,500 brands across 170 categories, "Netflix increased at the fastest rate among the Top 100 measured brands over the last two years (2012 to 2014)." 

In many ways Hastings took a page from the playbook of former Coca-Cola (KO 0.15%) CEO Roberto Goizueta who in 1985 led the brand to replace its beloved classic formula with a new one. New Coke led to a fall-off in sales and a massive increase in complaints to Coke's headquarters. Instead of risking his job on the idea that the public would eventually accept the new product, less than three months after New Coke's introduction the original formula was revived. Classic Coke quickly won back lost market share, ultimately making Coke bigger than it ever was.  

Had either CEO let his mistake linger as Steinhafel did, he likely would have lost his job. Had Steinhafel taken decisive action quickly, he might have earned a reprieve.

It's about the company

Unless Steinhafel ignored the possibility of a security breach, it seems unlikely that that he was anything more than the guy sitting in the top chair when something bad happened. That's similar to how former BP (BP 0.98%) CEO Tony Hayward lost his job after the Deepwater Horizon oil spill that decimated the Gulf Coast. Hayward did not cause the spill anymore than Steinhafel caused the data breach. But if something really bad happens on your watch -- that shakes consumers' faith in your company -- then a CEO's head very well could roll.

Could Steinhafel or Hayward have handled the crises better and held onto their jobs? Possibly. If they had reacted faster, been more decisive, and thrown themselves on the mercy of the public they might have held on … but it's unlikely as there may not have been a quick solution in either case. A pricing scandal and even a disastrous product change can be overcome with an apology, but how do you apologize for something that happened wasn't your fault and you can't fix quickly?

Can a new CEO guarantee Target won't be the victim of another data breach? Not anymore than BP's current boss can promise there will never be another oil spill.

Steinhafel likely lost his job for an event that was beyond his control that nobody could have quickly remedied. In many ways his ousting is like when an NFL teams fires it coach -- it can't replace all its players. The move earns some goodwill and buys some time but it does little to address the underlying problem.