What Equifax, Sony, and Target Could Have Done to Prevent Data Breaches