In the sense that businesses, like banks and credit card companies, make an effort to try to stop identity theft, that is true. On the other hand, as you said, they certainly don't have any interest in telling people when there's been a breach.
Would it be okay to just let it go? No, we don't think so, because the lost information can be used now in so many ways. Some of the ways are setting up new credit or defrauding people in other ways, people who aren't compensated. The credit card companies cover you to a $50 loss in the United States and sometimes down to zero here in Canada, but that's not true when someone uses your personal information to put a mortgage on your house. We had to pass an act in Ontario to cover that situation; a couple of people had their house stolen out from under them. That's a horrifying example.
We just don't know the knock-on effects. The immediate ones might be dealt with by the bank, but perhaps there are more for which consumers won't get redress at all. That's our concern.