"To prevent this from happening again, none of us can go it alone," Mulligan said. "We need to work together."
"Our laws have to be as sophisticated as the crooks who are breaking them," Klobuchar said Tuesday.
She asked a panel of retail, security, and consumer representatives what is preventing American retailers from adopting smart-chip credit card technology, which is more difficult to duplicate and has been adopted in Europe.
Mulligan responded that Target tried out the "chip-and-pin" cards as early as 2003 but there wasn't broad support from other retailers. He said the company plans to give it another shot by early 2015.
The harshest criticism of the morning came from Democratic Sen. Richard Blumenthal of Connecticut. At one point, he speculated whether "the continuing series of significant, even sensational, breaches" was "an indictment of the American retailing industry in its failure to protect consumer information," to which no one answered directly.
Mulligan's apology was coupled with a defense of the company's handling of the breach. He insisted that Target had spent millions in recent years to boost cyber security and train staff.
However, as a recent New York Times article noted, "Entering through a digital gateway, the criminals discovered that Target's systems were astonishingly open -- lacking the virtual walls and motion detectors found in secure networks like many banks'."
During the hearing, Franken quoted from the NYT article and threw out statistics that the U.S. accounts for a quarter of the world's payment card transactions but half of world's credit fraud.
In explaining why he's co-signing Leahy's bill, Franken added, "I think the people have a fundamental right to privacy. Part of that right is knowing that your data is secure."