I don't think this logically follows. More likely, Equifax will settle out of court for a much smaller sum. At that point there's now a literal dollar amount associated with a data breach. Perhaps some math will be done, proving out that there would need to be "N" number of breaches before the cost of settling out-of-court for the breaches would be more expensive then materially changing the way they manage data. And "N" number of breaches, that's just so unlikely.

At that point it would be fiscally irresponsible to properly secure this data. They would owe it to their shareholders to continue with their shoddy security and data management procedures.

I would guess they've already done this calculation. Similarly, due to externalities, the cost (to banks) of credit card and similar fraud is small compared to the expense of preventing it.