This is not the first time that a data breach has happened and certainly not the last time. When it comes to cybersecurity, there is no such thing as “100% guarantee” OR “ALL STEPS TAKEN TO BLOCK ANY FUTURE DATA LEAK INCIDENTS”. Having said that, it is very important that governments and private players give the due importance to the data it has of citizens. They should repeat audits every year, if not every six months, as only full transparency will restore trust back in this system, else more bad news is likely to come.
To detect frauds that misuse authorized logins, the concerned parties should implement robust monitoring mechanisms and a proper incident response mechanism. It may also be a good idea specially for governments to implement a public bug bounty program and reward researchers who find issues on a much more bigger scale.
We still don't have any data protection laws or privacy rules to avoid such scenario. Though we have many compliances that companies follow for data protection and privacy issues, but, the adoption is not yet reached the stage where we can confidently say, that, we as citizens are protected in case of any privacy issues.