Why It Took Target CEO 6 Months to Resign After Embarrassing Data Breach

May 5, 2014 #151; -- Target CEO Gregg Steinhafel’s resignation today signals an end to six months of corporate navel-gazing since the retailer’s huge data breach and clears the way for some major overhaul, according to Ken Perkins, equity analyst with Morningstar.

Perkins said he was "not entirely surprised" by the board of directors’ announcement about Steinhafel, who started with the company as a merchandise trainee 35 years ago.

READ MORE: Target Chairman and CEO Out in Wake of Breach

Perkins said the board has been reviewing the company's progress toward its long-term financial goals, trying to understand the "full grasp of what happened and who's accountable."

"Ultimately, the CEO is responsible in that 'the buck stops here,'" Perkins said.

Adam Levin, chairman of Identity Theft 911 and ABCNews.com's security and credit columnist, said companies tend to discount the ramifications of security breaches.

"Corporations have a tendency to move at a glacial speed," Levin said. "It’s OK for corporations to be deliberative, but the time to be deliberative is before the breach."

Levin said what is needed after security breaches are three responses from a company.

"Urgency, transparent, and empathy are all critical. I don’t think they showed enough of those three," Levin said of Target.

Without the ability to be a fly on the wall of the boardroom, Levin said it is difficult to say what triggered the resignation announcement today and not months ago or months later.

Another possibility is that Steinhafel wanted to leave of his own volition, because security breaches can take an "enormous toll" on the head of a company, Levin said.

"He might have made his own decision that he needed a break, and they needed a new face and to push the firm along more quickly," Levin said.

Target's chief information officer Beth Jacob resigned in March, the first executive affected by the management fallout.

Steinhafel's compensation for the year that ended Jan. 31, 2013, was more than $20.6 million. It was $19.7 million in the previous year. He also became president and CEO in May 2008. He earned more than $9.9 million in 2008 and $13.3 million in 2009, according to the company’s SEC filings.

READ MORE: Major Events Related to the Career of Target's CEO

Target's board said Steinhafel is entitled to severance payment but the company has "not made a final determination on other compensation-related aspects of Mr. Steinhafel’s departure.”

Aaron Boyd, director of governance research with executive compensation firm Equilar, said he expects the company to file its updated proxy with the U.S. Securities and Exchange Commission soon, which would reveal Steinhafel's most recent compensation.

Target stock had fallen about 3 percent by midday to $60.18 a share. The company said in February that its profit in the fourth quarter fell 46 percent while revenue declined. It’s unclear whether the company made a strategic move in announcing Steinhafel's resignation before its first-quarter earnings announcement on May 21.

The embarrassing data breach was first reported in November by security blogger Brian Krebs. Since then, Target has admitted the breach might have affected up to 70 million individuals.

Morningstar’s Perkins said the company's two biggest issues to resolve over the long term are its expansion into Canada and the data breach fallout.

In Steinhafel's letter of resignation to the board, dated today, he offered little explanation about his decision to resign as chairman, president and CEO.