OOPS!! Another Stolen Laptop

Apparently a laptop containing the Social Security numbers and other personal data of 13,000 District of Columbia employees and retirees has been stolen.
Reports confirm that a computer was stolen Monday from the Washington home of an employee of ING U.S. Financial Services which administers the district's retirement plan.
The laptop was not password-protected and the data was not encrypted.
The company has sent letters to all affected employees warning them of the possibility of identity theft. ING also will set up and pay for a year of credit monitoring and identity fraud protection. I have a serious problem with companies thinking that this will solve the problem. I have interviewed actual criminals and hackers who say they are aware of such policies and they will just wait one year to use the information. They go on to say, "... we just keep enough stolen/hacked data in the pipeline."
Two other ING laptops containing information on 8,500 Florida hospital workers were stolen in December, but the employees were not notified until this week.
Where does it stop? Maybe companies should be proactive, spend some money on computer security and security training for their employees rather than being forced to spend tens of thousands of dollars reacting to stupidity.