I very much think that centralized authority will have to learn the hard way about keeping PII (Personally Identifiable Information). They don't want to lose control of it because it's highly profitable for them (based on the FB business model for instance). The key to minimizing risk is decentralization. If instead of having all that PII on a central server where one hack generates 143 million records, it's better to force hackers to attack 143 million hosts to get one record.
They won't do that though. I just hope that they figure it out before they make the mistake of using biometrics directly which will make the technology unusable and generate an panopticon in the process.
Thanks for the reply! I was actually thinking about ways to introduce blockchain as a step in maximizing the security of traditional systems. For example if there was a blockchain layer of security that would require a valid transaction to be made to a unique address to then enable one to get access to a unique one time key that allows one to access encrypted information regarding credit history or PII it would be a much better system. At the end of the day I think the security did not reflect the confidentiality of the information that was being stored and that's what led to the breach.