Target, Sony and JP Morgan are all major companies recently hit by cyber-attacks that rippled through the economy. The latest is Anthem, the second largest health-insurer in the United States — with 80 million customers — past and present, including defense contractors and government employees. Medical records are treasure troves for identity thieves. Anthem didn't encrypt them — and didn't have to under federal law. The private sector is on its own against state-sponsored hackers like China's so-called "Deep Panda." Can Washington provide needed protection without further violating personal privacy?