As these operators are seemingly unable to keep their noses clean and the only thing they care about is money, I think the time has come to set up a nationwide insurance pool. Any operator who insists on hanging on to information which can be used for ID or other theft gets to tithe in based on the number of accounts and the type of information they keep. And then those who do get taken to the cleaners because of one of these breaches* can call on it to repair the damage.
Any operator who gets caught out storing sensitive information without paying in gets to foot the bill themselves.
* Primary breaches only. Password recyclers are SOL if the loss is due to a derived breach.
Any operator who gets caught out storing sensitive information without paying in gets to foot the bill themselves.
* Primary breaches only. Password recyclers are SOL if the loss is due to a derived breach.