Less than a year after a major data breach that exposed the personal and financial information of as many as 110 million shoppers, Target CEO Gregg Steinhafel is stepping down.
The retail giant's board of directors announced on Monday that John Mulligan, the company's chief financial officer, has been appointed as interim president and chief executive until a permanent replacement is named. Steinhafel will continue to serve an advisory role for the Minneapolis-based company.
During last year's holiday shopping season, the company suffered a data breach that exposed up to 40 million credit and debit card numbers and 70 million people's personal information. The hack captured headlines for weeks and led to a series of hearings on Capitol Hill.
Steinhafel "held himself personally accountable and pledged that Target would emerge a better company," the board said on Monday. "We are grateful to him for his tireless leadership and will always consider him a member of the Target family."
Despite the calls for new legal protections for consumers' data after the hack, legislation has yet to make it through Congress.
One idea that has gained some momentum is a national law to outline how companies and other organizations notify people once their information may have been stolen. In a report on "big data" published last week, a White House panel pointed to a "patchwork" of 47 state laws on the issue, which companies have said can be confusing to navigate and consumer advocates worry leads to different standards of protections.
"As organizations store more information about individuals, Americans have a right to know if that information has been stolen or otherwise improperly exposed," the report said.