You have to remember that there are a very large population of federal and state high ranking law enforcement agents who have essentially only the slightest clue how electronic information security works. Which is ironic because many of these same individuals could probably give a lecture on how to find and disable phone taps and secure perimiters from optical microphone spying. But anyways, they have enough rank to get the data whenever they want it, the data is small enough to be moved easily and quickly in a variety of forms, and most small law enfocement agencies are more connected to the bigger data sources due to homeland security than they ever were before. Aside from the NSA and a few domestic CIA areas, no one has the budget to put up dedicated secured fiber optic links with sufficient security to ensure they aren't being tapped. Everyone else is relying on internet service providers of some sort, with antiquated computer equipment often running outdated software / firmware. Even the best of them tend to have some sort of pre-patch deployment testing, which leaves things open for targetted zero day attacks. That and so many people are conditioned to give information to "bob from IT" over the phone. In many instances corporations are even worse, because they give their data to Marketing People, who probably would sell the data under the table to a hacker for the right price. As much as I hate apple, its not just them either. Somewhere, there is a record of serial numbers that go with my motherboards. Those serial numbers theoretically tie to the list of MAC addresses for devices on those boards, and since they are registered for warranty purposes, they probably tie to my personal info, which given websites for certain motherboard makers, a toddler could probably accidentally hack. I can mitigate that somewhat from my end of course, but all data phones period are in the same boat. Apple just happens to make alot of them and has a really stupid way of storing the data.
The problem is that there are no concequinces. No requirements for my bank to disclose to me personally what retailer I use got hacked when they issue me a new credit card, no requirement that apple give these people new phones to complensate for the released data. If its a corporation there is at least a chance that someone will sue, but if its government, there is almost no chance of any action occuring at all, no matter how severe the breach. It's a broken system, and its going to remain broken until people start learning how to implement encryption and stop treating dataphones as a good place to do their banking on.