Target Security Breach Risks Hurting Sales, Say Analysts

NEW YORK (TheStreet) - Target (TGT) shares were essentially flat Friday morning, one day after the big discount retailer announced a massive security breach at its 1,800 U.S. stores.

Analysts agree that the event is likely to hurt sales at Target's stores at a crucial time, although they disagree on how significant that damage could be. One says the risk to sales should be "manageable," although another is less sanguine.

Shares recently were up 8 cents, or 0.1%, at $62.28.

The stock shed 2% Thursday following the Minneapolis-based retailer's disclosure that it found "unauthorized access" to data on more than 40 million customers' credit and debit cards over three weeks ending Dec. 15.

Hackers were able to gain access to data including "customer name, credit or debit card number, and the card's expiration date and CVV (the three-digit security code)," Target said.

Purchases made on or at its Canada stores were not affected, the company said.

It's a bad time to announce a security breach, as it comes at the tail end of the busy holiday shopping season. The risk of lost sales for Target should be manageable, however, according to J.P. Morgan analyst Christopher Horvers.

"The timing of the incident just prior to four of the historically top [five] holiday selling days (including Super Saturday) clearly exacerbates the impact as customers may be wary to shop at TGT or use their credit cards," Horvers writes in a Dec. 19 note.

"We estimate that this upcoming week could represent up to 15% of this quarter's sales, and if 10% of customers are impacted, and considering the fact that [approximately] 20% of sales are from [Target] REDcard holders, we estimate a 25-50-bps impact to comps," the note says. Horvers rates the stock at neutral and has a 12-month price target of $63.55.

The company is also likely to endure a settlement payment, given that the breach is not via third-party processors.

"Looking at past data breaches, in 2007 TJX reported that hackers broke into its systems and stole [approximately] 45.7mm credit and debit card numbers. The incident resulted in TJX paying $9.7 [million] in a state-level settlement as well as $24 [million] to cover costs by banks that issue MasterCards, and $40.9 [million] to Visa's issuers," Horvers writes.

If you liked this article you might like

Fed, Toys 'R' Us, Equifax and Hurricane Maria - 5 Things You Must Know

Toys 'R' Us Debt Load Tips It Into Chapter 11

Time to Play Equifax?

Time to Play Equifax?

Macy's, Target, Others Will Have Brutal Time Hiring 248,000 Santa's Helpers