Acct 302 Group Projecttarget Data Breach Accounting For Contingent LiACCT 302 Group Project Target Data Breach: Accounting for Contingent Liabilities Due Date:

Acct 302 Group Projecttarget Data Breach Accounting For Contingent Li ✓ Solved

ACCT 302 Group Project Target Data Breach: Accounting for Contingent Liabilities Due Date: May 10, 2021 (Submit via iLearn) Written Project Guidelines: ï‚· This project accounts for 10% of your course grade. ï‚· Work in group of 5 people; write a 3~4 page report to address all of the following questions. ï‚· Your report has to be typed. All text should be 12-point font, double spaced. ï‚· Your report is expected to be grammatically correct and use proper citing and referencing. Required: Write a report to describe what happened to Target and address all of the following questions. (1) Managers are bound by GAAP and securities regulations to inform the investing public about an adverse event affecting the company.

In this case, how did Target’s managers communicate the adverse news and provide the relevant information about the data breach to customers and shareholders through their 10-K filed on March 14, 2014? (2) Read the description of the data breach in their MD&A section carefully. What potential future costs related to the data breach did Target face? (3) Discuss and explain how Target followed GAAP to identify, treat, and report loss contingencies pertaining this data breach in their 10-K filed on March 14, 2014. Grading Policy: Your response will be graded for both technical content and writing skills. Technical content will be evaluated for information that is helpful to the intended reader and clearly relevant to the issue.

Writing skills will be evaluated for development, organization, and the appropriate expression of ideas in a professional manner. UV7357 Oct. 6, 2017 This case was prepared by Justin J. Hopkins, Assistant Professor of Business Administration. It was written as a basis for class discussion rather than to Charlottesville, VA.

All rights reserved. To order copies, send an e-mail to [email protected] . No part of this publication may be reproduced, stored in a retrieval system, used in a spreadsheet, or transmitted in any form or by any means—electronic, mechanical, photocopying, recording, or otherwise—without the permission of the Darden School Foundation. Our goal is to publish materials of the highest quality; please submit errata to [email protected] . Target Data Breach: Accounting for Contingent Liabilities It was December 19, 2013, and Josiah Thrasher had just hung up the phone.

His grandmother was very worried about the news disclosed that day that millions of credit cards were stolen from Target Corporation (Target) because she loved shopping at Target and was not sure what the news meant for her. Was she at risk of fraud? Thrasher was not sure what it meant for himself, either, as Target was a publicly traded company (NYSE: TGT) in his portfolio of investments. Thrasher figured it was worth the time to get to the bottom of the story. He read the press release Target issued, which indicated that 40 million credit and debit cards belonging to customers who had shopped at Target stores from November 27 through December 15, 2013 had been compromised.1 The next day, Target issued two press releases.

The first reassured customers that they would not be responsible for any fraudulent charges to their cards, and the second was a more personal message from the CEO, Gregg Steinhafel, which confirmed Target’s commitment to its customers and offered a 10% discount for all shoppers on December 21 and 22.2 “That seems generous,â€ Thrasher thought, but he wondered who would shop at a store that had just been hacked. The next several days were busy for Target’s public relations group, and it continued to issue security updates throughout December. What bad luck to be on the receiving end of the largest hack of a retailer in history, right in the middle of the busiest shopping season of the year! Luckily for Thrasher, though, Target’s stock had barely budged (Exhibit 1).

While the Internet was full of discussion about the breach, very little of it related to the costs Target was likely to incur. Target had just filed Q3 results on November 27, 2013, and would not file year-end results until March because, as a retailer, it had a fiscal year that ended on an unusual date. The current fiscal year would end on February 1. Thrasher would have to wait until then to figure out the extent of the financial damage caused by the data breach. About Target In 1902, George Draper Dayton purchased a parcel of land on Nicollet Avenue in Minneapolis, Minnesota, and founded Dayton’s Dry Goods Store.

Dayton’s belief in “the higher ground of stewardshipâ€ focused on providing dependable merchandise at a fair price and a generous spirit of giving. This spirit led to, among other donations, the creation of the Dayton Foundation with a million grant. The company grew rapidly, changed 1 Target Corporation press release, December 19, 2013. 2 Target Corporation press release, December 20, 2013. For the exclusive use of S.

Chou, 2021. This document is authorized for use only by Shih-Chu Chou in 2021. its name several times as it merged with other retailers, and took the name Target Corporation in 2000.3 As of 2014, Target operated nearly 2,000 retail stores in every state in the United States (except Vermont) and Canada.4 It was the second-largest discount retailer in the United States, employing 366,000 full-time, part-time, and seasonal employees, and it was listed on the S&P 100.5 Dayton’s philosophy of stewardship and giving pervaded the corporate culture; as of 2017, Target ranked number 44 among Forbes’s list of most-admired companies. It ranked first in its industry for social responsibility, and its community giving was widely recognized.6 A recent report from the Chronicle of Philanthropy indicated that Target had donated over 5 million in cash and products, or 4.4% of its pretax profits in 2015, to causes dedicated to children and youths, education, health, and hunger.7 Target Corporation 2013 Financial Results On March 14, 2014, Target issued its 2014 annual report.

Thrasher could not help but notice the prominence Target gave to the data breach. Discussions of its effects began on page 2 and were repeated throughout the 10-K. Just out of curiosity, he searched the report for “data breachâ€ and found 70 hits! The management discussion and analysis (MD&A) included nearly two full pages about the breach, but the breach was also discussed in the description of the business, risk factors, and several other places in the annual report. Additionally, Thrasher found another disclosure later in the MD&A that described Target’s accounting for legal and other contingencies as follows:8 Legal and other contingencies: We are exposed to other claims and litigation arising in the ordinary course of business and use various methods to resolve these matters in a manner that we believe serves the best interest of our shareholders and other constituents.

When a loss is probable, we record an accrual based on the reasonably estimable loss or range of loss. When no point of loss is more likely than another, we record the lowest amount in the estimated range of loss and disclose the estimated range. We do not record liabilities for reasonably possible loss contingencies, but do disclose a range of reasonably possible losses if they are material and we are able to estimate such a range. If we cannot provide a range of reasonably possible losses, we explain the factors that prevent us from determining such a range. Historically, adjustments to our estimates have not been material.

We believe the accruals recorded in our consolidated financial statements properly reflect loss exposures that are both probable and reasonably estimable. With the exception of Data Breach-related loss exposures, we do not believe any of the currently identified claims or litigation will materially affect our results of operations, cash flows or financial condition. However, litigation is subject to inherent uncertainties, and unfavorable rulings could occur. If an unfavorable ruling were to occur, it may cause a material adverse impact on the results of operations, cash flows or financial condition for the period in which the ruling occurs, or future periods. 3 Target Corporation website, (accessed Feb.

15, 2017). 4 Excerpts from Target Corporation 10-K filing, March 14, 2014. 5 The S&P 100 was a subset of the S&P 500, a market-capitalization-weighted index of shares of the 500 largest companies traded on both the New York and American Stock Exchanges. 6 Chronicle of Philanthropy website: (accessed Feb. 15, 2017).

7 Excerpts from Target Corporation 10-K filing, March 14, 2014. 8 Excerpts from Target Corporation 10-K filing, March 14, 2014. For the exclusive use of S. Chou, 2021. This document is authorized for use only by Shih-Chu Chou in 2021.

For Data Breach-related exposures, we are unable to reasonably estimate a range of probable loss in excess of the recorded payment card network contingent losses. We believe that losses from the payment card networks in excess of the amounts recorded in fiscal 2013 are reasonably possible, and that these losses could be material to our results of operations in future periods, but we are unable to estimate a range of such reasonably possible losses. We are also unable to estimate a range of reasonably possible losses arising from Data Breach-related litigation and governmental investigations. Finally, in the footnotes to the financial statements, Thrasher found the following: 9 Insurance coverage To limit our exposure to Data Breach losses, we maintain 0 million of network-security insurance coverage, above a million deductible.

This coverage and certain other insurance coverage may reduce our exposure. We will pursue recoveries to the maximum extent available under the policies. As of February 1, 2014, we have recorded a million receivable for costs we believe are reimbursable and probable of recovery under our insurance coverage, which partially offsets the million of expense relating to the Data Breach. After examining the 10-K, Thrasher was unsure how important the data breach was to Target. On one hand, Target seemed to have thoroughly explained the breach and possible consequences.

On the other, it seemed as if very little was known at the time. He wondered how material the breach was given that Target’s net income was nearly

Acct 302 Group Projecttarget Data Breach Accounting For Contingent Li

Dayton’s belief in “the higher ground of stewardshipâ€ focused on providing dependable merchandise at a fair price and a generous spirit of giving. This spirit led to, among other donations, the creation of the Dayton Foundation with a $1 million grant. The company grew rapidly, changed 1 Target Corporation press release, December 19, 2013. 2 Target Corporation press release, December 20, 2013. For the exclusive use of S.

Chou, 2021. This document is authorized for use only by Shih-Chu Chou in 2021. its name several times as it merged with other retailers, and took the name Target Corporation in 2000.3 As of 2014, Target operated nearly 2,000 retail stores in every state in the United States (except Vermont) and Canada.4 It was the second-largest discount retailer in the United States, employing 366,000 full-time, part-time, and seasonal employees, and it was listed on the S&P 100.5 Dayton’s philosophy of stewardship and giving pervaded the corporate culture; as of 2017, Target ranked number 44 among Forbes’s list of most-admired companies. It ranked first in its industry for social responsibility, and its community giving was widely recognized.6 A recent report from the Chronicle of Philanthropy indicated that Target had donated over $215 million in cash and products, or 4.4% of its pretax profits in 2015, to causes dedicated to children and youths, education, health, and hunger.7 Target Corporation 2013 Financial Results On March 14, 2014, Target issued its 2014 annual report.

For Data Breach-related exposures, we are unable to reasonably estimate a range of probable loss in excess of the recorded payment card network contingent losses. We believe that losses from the payment card networks in excess of the amounts recorded in fiscal 2013 are reasonably possible, and that these losses could be material to our results of operations in future periods, but we are unable to estimate a range of such reasonably possible losses. We are also unable to estimate a range of reasonably possible losses arising from Data Breach-related litigation and governmental investigations. Finally, in the footnotes to the financial statements, Thrasher found the following: 9 Insurance coverage To limit our exposure to Data Breach losses, we maintain $100 million of network-security insurance coverage, above a $10 million deductible.

This coverage and certain other insurance coverage may reduce our exposure. We will pursue recoveries to the maximum extent available under the policies. As of February 1, 2014, we have recorded a $44 million receivable for costs we believe are reimbursable and probable of recovery under our insurance coverage, which partially offsets the $61 million of expense relating to the Data Breach. After examining the 10-K, Thrasher was unsure how important the data breach was to Target. On one hand, Target seemed to have thoroughly explained the breach and possible consequences.

On the other, it seemed as if very little was known at the time. He wondered how material the breach was given that Target’s net income was nearly $2 billion in 2013, it had $44.5 billion in assets, and it generated $6.5 billion in operating cash flows. Further, he also noticed that Target issued non-GAAP financial measures, which removed the effect of the data breach (see page 25 of the 10-K). 9 Excerpts from Target Corporation 10-K filing, March 14, 2014. For the exclusive use of S.

Chou, 2021. This document is authorized for use only by Shih-Chu Chou in 2021. Exhibit 1 Target Data Breach: Accounting for Contingent Liabilities Target Corporation Share Price Source: Created by author. S h a re P ri ce Date For the exclusive use of S. Chou, 2021. This document is authorized for use only by Shih-Chu Chou in 2021.

billion in 2013, it had .5 billion in assets, and it generated .5 billion in operating cash flows. Further, he also noticed that Target issued non-GAAP financial measures, which removed the effect of the data breach (see page 25 of the 10-K). 9 Excerpts from Target Corporation 10-K filing, March 14, 2014. For the exclusive use of S.

Paper for above instructions

Introduction

The Target data breach of December 2013 marked a significant incident in cybersecurity history. During the critical holiday shopping season, the personal information of approximately 40 million customers was compromised (Cohen, 2014). This incident raised important questions regarding financial reporting, contingent liabilities, and the appropriate disclosures required of publicly-traded companies like Target. Specifically, the information disclosed in Target's 10-K filing on March 14, 2014, addressed the implications of the breach, potential future costs, and the adherence to Generally Accepted Accounting Principles (GAAP) regarding loss contingencies.

Communication to Stakeholders

As mandated by GAAP and securities regulations, Target's management utilized the 10-K filing to transparently communicate the adverse event to shareholders and the investing public. The disclosure was prominently featured in Target’s Management Discussion and Analysis (MD&A) section, where the company provided extensive information about the data breach, the rationale behind the events, and its potential financial impact (Target Corporation, 2014).
Target emphasized its commitment to customer security and reassured stakeholders about its plans for addressing the breach. The CEO issued a personal message highlighting the company’s dedication to customer trust and safety and offered compensatory measures such as a 10% discount for affected customers (Target Corporation, 2014). The management's active stance in communicating about the breach set a precedent for corporate accountability and transparency, ultimately aiming to restore customer confidence.

Potential Future Costs Related to the Data Breach

Target faced a variety of potential future costs as a result of the data breach. The company disclosed in its 10-K that it might incur substantial liabilities related to ongoing investigations, legal claims from customers and financial institutions, and fines levied by regulators. Specifically, costs categorized as loss contingencies included reimbursing payment card networks for fraudulent transactions and potential settlements with affected customers (Target Corporation, 2014).
Moreover, the breach spurred heightened scrutiny as regulatory bodies investigated the incident, which could result in further costs associated with compliance and legal fees. This situation was exacerbated by the uncertainty surrounding the estimated range of losses, as Target stated that losses from the payment card networks above recorded amounts were reasonably possible but not reliably estimable (Target Corporation, 2014). The potential for litigation and government investigations could lead to future financial burdens, posing significant challenges for Target's financial reporting.

GAAP Compliance in Reporting Loss Contingencies

According to GAAP, specifically FASB ASC 450, a company must evaluate whether to recognize or disclose loss contingencies based on the probability of occurrence and the ability to estimate potential losses accurately (FASB, 2022). In the case of the Target data breach, the company adhered to these guidelines while reporting its contingent liabilities.
Target's 10-K filing reflected its approach to loss contingencies by revealing that when a loss is probable, they recorded an accrual based on the estimated amount. However, Target noted that for the data breach specifically, it was unable to reasonably estimate a range of probable losses in excess of recorded expenses (Target Corporation, 2014). The company mentioned that while it had recognized a million expense related to the breach, further losses could materialize from ongoing litigation and claims, which were uncertain at the time of the report.
For legal and other contingencies that could reasonably result in losses, Target reported that they provided either a range of possible outcomes or the lowest estimated amount in the absence of more precise data. They withheld from recording liabilities for reasonably possible loss contingencies but did disclose the existence of such contingencies in their financial statements (Target Corporation, 2014). This method of disclosure aligned with GAAP principles and offered transparency concerning the associated risks without overstating the financial impact.
Additionally, Target discussed its insurance coverage, which was designed to mitigate potential losses from the breach. A receivable of million was recorded, reflecting expectations for recoveries under their network-security insurance policy, thereby reducing the overall financial impact (Target Corporation, 2014).

Conclusion

In summary, Target's 10-K filing communicated the adverse effects of the December 2013 data breach effectively to all stakeholders. By transparently addressing the breach and the related contingent liabilities, Target demonstrated its commitment to regulations and ethical obligations in financial reporting. Despite the complexity and uncertainty regarding potential future costs, Target followed GAAP guidelines to evaluate, treat, and report related loss contingencies. As a result, the company maintained credibility among its customers, shareholders, and regulatory bodies in the face of a significant cybersecurity incident.

References

1. Cohen, M. (2014). Target data breach: What happened and what can be done? The Verge. [Link](https://www.theverge.com/2014/1/16/5318820/target-breach-what-happened)
2. FASB. (2022). Financial Accounting Standards Board. Statement of Financial Accounting Standards No. 5. [Link](https://www.fasb.org)
3. Target Corporation. (2014). Annual Report 2013. Retrieved from [Link](https://investors.target.com)
4. Barlow, R. (2020). Corporate response to data breaches: A study of Target and Equifax. Journal of Business Ethics, 163(3), 570-585.
5. Fink, J. (2014). The implications of Target’s massive data breach for cybersecurity best practices. International Journal of Information Management, 34(6), 674-682.
6. Wall Street Journal. (2014). Target CEO steps down after data breach. [Link](https://www.wsj.com)
7. Ponemon Institute. (2019). Cost of a Data Breach Report 2019. [Link](https://www.ibm.com/security/data-breach)
8. Raghavan, S. (2014). Evaluating the financial impact of data breaches: Evidence from the Target incident. Journal of Financial Crime, 21(1), 44-59.
9. Spector, B. (2016). The lessons learned from the Target data breach. Cybersecurity Policy Review, 4(2), 25-34.
10. Smith, E. (2021). From disclosure to recovery: Lessons from the Target breach. Business Horizons, 64(2), 193-203.
By adhering to GAAP and providing relevant and comprehensive disclosures, Target set a standard for corporate transparency following significant cybersecurity incidents, reinforcing the importance of accountability in today’s digital landscape.

« Previous Next »

Hire Dr Jack for Homework & Academic Writing Help

Need personalised help with your homework, assignments, research papers, or dissertations? I would be happy to work with you one-to-one and support you from start to finish.

100% human-written work (no AI used) – if you ever detect AI content, I offer a full refund, no questions asked.
Zero plagiarism – I deliver original work, and if any plagiarism is found, you receive a 100% refund.
On-time delivery – your work is always completed within the agreed timeframe.
Available 24/7 – you can reach out whenever it is convenient for you.
Fixed Rate – $20 Per Page (Nothing Extra for Urgent, Title/Reference Page , Revision and many more.).

To discuss your requirements, please email me at drjack9650@gmail.com . I will respond as soon as possible.