The Damages today are violation of HIPPA REGs
Frankly, the loss of so much data ought to bring the corporate death prnalty. The loss was entirely preventable and this type of gross negligence is all too common.
Gut and fillet a few of these entities that are so cavalier with our private information and the rest will get in line for secure data standards.
It is a shame that there is no legal remedy that permits the dissolution of the corporation and a lifetime bar for the corporate officers and directors working in the same field, Regulatory frameworks aren't working: only Draconian measures will get the attention of the IT industry.