Actually I believe most companies could easily improve their security to protect consumers. Encrypting consumer data with individual salted hashes would be a start. Include a hardware decryptor and monitor the throughput at that point. That would prevent anyone from stealing a database and publishing the content worldwide. They might be able to steal a few, but certainly not millions of peoples private information. You may not be able to prevent the dedicated hacker, but you certainly can mitigate the damage.
In the Canada (and I would think the US) there is legislation in which consumers have a right to have their private data protected. Frankly I'm surprised that none of these companies have had fines levied against them in addition to the cost of the breach. I would bet that they will happen soon and if not laws will be passed that add some teeth to the provisions that are already in place.
