Actually, they are simply continuing to prove the point that current security technology has gaping holes in it. And that until there is a MAJOR rework of system, software, and site security, these holes will continue to exist and continue to be exploited. The real bad guys would have simply kept, sold, or used the information themselves and no one would have really known until the credit cards were used to fill cars full of gas, or purchased gift cards which were emptied to accounts which were transferred, etc., etc., and by the time anyone could do anything the money would be out of the systems (no longer electronic) and the people gone.
Until passwords are not typed by people on keyboards, moved through accessible memory on client systems or servers, two factor confirmations, one time use payment numbers, etc., are all in place, these hacks will occur. Fundamental level changes need to occur to fix these things (including hardware interrupt handling, memory segmentation and randomization, whitelisted program execution/startup, passwords/credit card numbers with timebased key tokens required, etc...). Problem is, it will cost a lot of money to change many of these, including hardware changes. Even if the technology was available today that fixed all these things (and you couldn't buy a computer without these changes), we would still have vulnerable systems out there for 20 years or more while industry and consumers replace their hardware.