If the company has to tell you every time your information is invaded, they are going to want to spend more money on preventing the problem in the first place.