CMP's screwup aside, the problem I have with the logic above is that it's sort of like saying that just because Edward Snowden released a bunch of classified material, we should throw up our hands in futility and quit protecting all classified material going forward.
Keep in mind that lots of sensitive data rarely remains static, regardless of the nature (PII, HIPAA, etc). If someone gets hold of my credit card data, and I get issued a new credit card as a result, I'm not going to just throw up my hands and say, "well there's no point in protecting this new credit card since the last one was compromised!" That just doesn't make any sense.
You should guard and protect your personal information always, regardless of whatever PII compromises occur.