It only took the actions of one store in each chain to trigger an embarrassing mess. In each case, store employees violated company policy. You might think that today, only someone living under a rock would be unacquainted with the perils of identity theft, and that most people -- certainly your employees -- would have a grasp of at least the rudimentary ways in which identity theft can be abetted -- and avoided. Even if these workers hadn't read the company data retention and privacy policies, surely they've heard of shredders?
In any case, the lesson here for corporate America, its security czars, and IT departments is both clear and simple: People are the weakest link in your security armor, and education has never been more crucial. After all, who needs Trojans, stealth code, stolen passwords, and encryption keys when you can count on one blockhead to just hand over a mountain of data on a silver platter?