While 0-day vulnerabilities will always get the best of some companies, there are some security breaches that are just due to plain negligence of the company.

I believe I recall Sony getting hacked, and tons of plain-text credit card numbers were hacked. It was discovered that Sony didn't even follow even the most simple of PCI compliance.

It's things like that that deserve the "hall of shame"

I have a PSN account and indeed had an account during that event. There was tons of wild speculation about what data was breached, but there was no evidence that credit card numbers were included. Sony unfortunately only fueled those rumors by refusing to comment on the specifics, but I can assure you that if they were storing "tons of plain-text credit card numbers" there would have been a legal shitstorm the likes of which we have not seen in many a year, including a class-action lawsuit. I have yet to receive any invitations to participate in any such lawsuit.