The ongoing fallout from the massive Target data breach late last year goes all the way to the top.

On Monday, the company announced that CEO Gregg Steinhafel will step down from that role—as well as his roles as the company’s chairman and president—after a 35-year career leading the retail chain as it grew to one of the largest in the country.

Steinhafel’s departure comes despite the company’s wide-ranging efforts to assist its customers, including offering free credit protection services to the millions who were directly affected.

“He held himself personally accountable and pledged that Target would emerge a better company,” the company said in a statement announcing Steinhafel’s resignation. “We are grateful to him for his tireless leadership and will always consider him a member of the Target family.”

The situation shows the challenges that come with recovering from a wide-scale data breach, particularly at a consumer-facing business. And Steinhafel was far from the first to fall: Most notably, Chief Information Officer Beth Jacob was removed from her post in March.

As Quartz notes, the former Target CEO took many steps to right the ship after the breach—including adopting a broadly transparent approach to dealing with the situation—but those actions weren’t enough to save his job.

“Evidently, doing everything right afterwards didn’t make up for the mistakes that had gone before,” the publication’s Max Nisen wrote.

Upgrades on the Horizon

Prior to Steinhafel’s departure, one of Target’s efforts was drawing positive attention for making the company a first-mover in the United States regarding an important financial security technology.

Last week, Target announced that it would work with MasterCard to release an upgraded version of its store REDcard that includes chip-and-PIN functionality, a more secure style of credit card already common in much of the world, but fairly new to the United States.

The technology has been a hot topic among retail trade groups ever since the Target breach, and the Retail Industry Leaders Association (RILA) applauded Target’s move.

“The security features associated with Chip and PIN technology will reduce the risk of fraud in the United States as they have done around the world where this enhanced fraud prevention technology has been in place for years,” RILA President Sandy Kennedy said in a statement.

But another group representing those on the other side of payments, the Electronic Transactions Association (ETA), says that Target’s move will have limited impact unless there’s wider acceptance of the technology at more types of businesses—something unlikely due to the fact that Target’s REDcards only work in its stores. ETA CEO Jason Oxman, speaking to CNN Money, also argued the tech upgrades could work against the retail industry’s instinct for speed.

“At any quick-service restaurant, the last thing they want you to do is spend another five seconds using a PIN. They don’t even require a signature anymore for anything under $25. They want you out of there as fast as possible,” he said.

For its part, RILA actually has been pushing to make such upgrades industrywide, launching a cybersecurity initiative earlier this year.

(Justin Sullivan/Getty Images News/Thinkstock)