After 35 years with the brand, Steinhafel stepped down Monday as Target Corp.'s CEO, president and chairman following "extensive discussions" with the Minneapolis company's directors, the company's board said in a statement.
"We are grateful to him for his tireless leadership," the statement said.
Steinhafel, 59, resigned less than five months after the retailer disclosed a data breach that has jeopardized as many as 40 million payment card accounts since the Black Friday shopping bonanza over the Thanksgiving weekend.
The company later said that hackers had illegally accessed personal information such as phone numbers and email addresses from as many as 70 million customers.
Even after Target threw assurances and discounts at customers, the retailer's revenue slid 5% during the Christmas quarter. The company has spent at least $61 million dealing with the hack, though $17 million of that was expected to be covered by insurance.
Target's shares fell $2.14, or 3.5%, to $59.87 on Monday. Since Target first acknowledged the problem in mid-December, when the stock was selling for nearly $64 a share, the price has fallen as low as $55.07. The stock is down nearly 19% from its 52-week high.
Target's board said Steinhafel "held himself personally accountable" for the breach, one of the largest on record at a retailer.
He probably decided to depart on his own once the scope of the breach became clear, said Jason Hanold, managing partner of executive search firm Hanold Associates.
"It was a matter of when he was going to leave, given the magnitude of the failure," said Hanold, whose firm has placed senior leaders at Amazon.com Inc., Nike Inc. and Google Inc. "But I admire the timing — some boards could have had a knee-jerk reaction immediately after the fact that wouldn't have given them the time to responsibly react and fix the problems."
Steinhafel will serve as an advisor to Target, which has 1,789 U.S. stores and 127 Canadian locations. He became chief executive in 2008 and introduced fresh groceries and smaller-scale City Target store models.
Target "has not put a timetable" on Steinhafel's consulting stint with the company, spokeswoman Dustee Jenkins said.
The board "has not made a final determination" on Steinhafel's severance package, according to a filing with the Securities and Exchange Commission on Monday.
The data breach capped a career that had recently weathered "unprecedented challenges," such as the financial crisis and the recession that followed, a limp expansion into Canada and an expensive proxy battle with activist investor William A. Ackman, the board statement said.
The company's earnings suffered in the fiscal year that ended Feb. 1, plunging 34% to $2 billion compared with a year earlier.
But Target seems to be moving forward, analysts said.
Standard & Poor's said it expects the breach to continue dampening shopper traffic at least through the first half of the fiscal year, but said the effects will probably lessen over time. Costs related to the data loss "could be significant, but manageable" for the retailer, given its ability to steadily generate cash flow, S&P's analysts said.
Over the next 18 to 24 months, Target will see "moderate performance gains" in the form of higher sales, lower markdowns and a stronger supply chain feeding into its Canadian stores, according to S&P.
Target has spent much of 2014 trying to shore up its security systems.
The company will switch its branded credit and debit cards to MasterCard from Visa early next year. The new cards will use a more secure chip-and-PIN technology instead of relying on the current magnetic stripe system.
Earlier this year, Target said it was speeding up a $100-million initiative to make its stores compatible with the upgraded cards. Last month, the retailer said new payment terminals will be installed by September, six months ahead of schedule.
Target also hired security and retail veteran Bob DeRodes to be chief information officer, succeeding Beth Jacob, who resigned from the position two months ago. The company said it is still looking for a chief information security officer and chief compliance officer.
As Target hunts for a permanent replacement for Steinhafel, Chief Financial Officer John Mulligan will act as interim president and chief executive while Roxanne S. Austin, a board member, will serve temporarily as nonexecutive board chairwoman.
The company is "looking at all relevant candidates, internal and external, not limiting the search to any specific company or industry," spokeswoman Jenkins said.
But the retailer may struggle to bring a top-notch boss to Minneapolis, which isn't a commercial hub like New York or Los Angeles, said Cowen & Co. analyst Faye Landes. Start-ups, which offer the chance to make a fortune on an initial public offering, are also "a big lure for experienced CEOs," she said.
A recent report from Strategy&, formerly Booz & Co., found that more than three-quarters of incoming chief executives at large companies were insiders who had worked at the company before.
"In general, executives have lots of options," Landes said.