http://www.digitaljournal.com/business/business/op-ed-why-target-is-as-much-a-victim-as-to-blame-for-cyber-attacks/article/376155

Op-Ed: Why Target is as much a victim as to blame for cyber attacks

Posted Mar 13, 2014 by Jeffrey Nelson
If you were one of those people that got a phone call out of nowhere stating that your account has been compromised, you're well aware that Target has been the victim of recent cyber attacks.
Two young men walk past a Target store in Fairfax  Virginia  November 24  2011
Two young men walk past a Target store in Fairfax, Virginia, November 24, 2011
Paul J. Richards, AFP/File
What isn't as well-known is that the attacks on target were part of a much broader, more widespread and seemingly coordinated attack on several US companies.
Cyber attacks have risen in the last year alone. IBM reports that companies are attacked up to 2 million times per week -- and those are just the attacks that are reported or documented.
While major corporations, like Target, are definitely the ones who take the brunt of the blow, smaller companies and organizations, as well as government and educational institutions, are also victims of this 21st century crime wave.
So why can't we blame Target?
It's tough to blame Target for a couple of pretty solid reasons. While it's incredibly annoying for an individual to get their information stolen, it's probably even more frustrating for Target. That same IBM report says that the average successful cyber attack cost $300,000 to clean up; although someone stealing 76 million Target consumers information is hardly average.
With Target profiting around $80 million per week, even a slight dip in sales due to the security breach (which happened -- about 2.5 percent in the fourth quarter) is catastrophic and much, much more expensive than some enhanced software would cost them.
The point is: Target wants your information stolen probably less than you do. While it inconveniences a person, especially those trying to build their credit by using a credit card or people going about their business using their debit card, it costs Target a lot of resources to deal with; time, money and labour hours as well as perception and lost revenue going forward.
The second reason is that Target has nothing to gain from said attack. With all the downside and seemingly none of the upside, Target has absolutely no incentive to allow this type of thing to happen. In fact, the incentive lies in assuring this never happens.
Target Quarterly Earnings Per Share | FindTheBest
Target was apparently thinking ahead as six months before the attack on Target during last year's holiday season, the company installed something that would supposedly stop this time of attack to the tune of $1.6 million. That, in my opinion, is being proactive.
While some will blame Target, and some will give them a by on the issue, I believe it's a combination of both: Target has a responsibility to keep the information safe, period. Therefore, if it becomes unsafe, or compromised, it's their fault. However, at the same time, if there was no clear negligence on their part, it needs to get chalked up on the "stuff happens" category.