What about the management - surely they should have been ensuring that all procedures were followed.
Actally, from an it security point of view the system should have been designed to make it impossible to do something like this ie automatic encryprion, only allowing a few senior people access to all the info etc.
Also, all the cutbacks and redundancie will probably have got rid of all the experieced expensive people first leaving the cheap minions who obviously were not up to the job - they all bear responsibility for a cock up of ths magnitude