https://www.kickstarter.com/blog/important-kickstarter-security-notice

So looks like we have another site breach, another password needing changing, another credit card potentially needing re-issuing.  It's almost getting to be a weekly occurrence - where does it end?  Should banks be issuing CCs with 1 month validities now?  Should companies even be allowed to store PII on internet connected computers?  Should 2FA become a legal requirement?  Should the government get involved with a 2FA solution like some European ones have?