[lostlogin]

Your point needs more emphasis. The idea that the victim is anyone other than the customer is so wrong.

The other points are dubious too.

> But the truth is, given the size and international nature of the internet, there are effectively armies of criminals, sometimes actually linked to governments, that have incredible incentives to breach organizations. It doesn't require negligence for a data breach to occur - with enough resources, almost any organization can be breached.

So given that this is known, why was the data stored such that it could be taken? Why was it kept at all? Oh.. to sell.

> Put another way - you trust a classical bank, with a money, to secure your money from criminals. But you don't expect it to protect your money in the case of an army attacking it.

Yes I do expect that. And it’s protected and insured by my government.