I tend to think the risk of identity theft is overstated.
As a general rule, criminals steal items that can be readily converted into *cash*. They're stealing your gear to sell it to someone, not to use the data that is on it. Is the end-buyer interested in what's on it? Maybe not. Maybe he/she is just interested paying $400 on a street corner for a laptop rather than $1,500 in a store (yes, buyers of this stuff have no conscience). But there are a few steps you should take anyway to watch out for 'bad things' that can happen to you just from using credit cards in stores and the like, as well as having your equipment stolen.
You can put alerts on your credit reports and on any other financial accounts detailed on your laptop by contacting your financial institutions. Google "ftc identity theft" for a government website on what to do in detail.
Obviously you're going to want to cancel and reissue your credit cards if the account numbers are on the laptop (in software configurations or in PDFs of bank statements).
Note that the credit card numbers are also something that can be readily converted into *cash*. Stealing a credit card or a credit card account number is not "identity theft", it's just plain theft. Using card numbers, account numbers, personal identifying info (date of birth, social security number, home address, mother's maiden nme, etc) to open up *new* accounts is identity theft. The more common problem is called "account takeover", where a thief directs your financial instituion to change the address on the account to his, not yours, to reissue credentials (atm card, social security, drivers license, passport, etc) for that account holder to the new address, and then uses the resources in that account to his own ends (opening other accounts in your name, using the securities in your online brokerage account to trade and drive up the price of securities the thief holds in another, legitimate, account already, and other 'indirect' means of converting your assets into cash, or leveraging your assets to increase the value of something he can turn into cash on his own without drawing attention to himself.
Protecting yourself in future: The hard reality is if I have the physical hard drive, and I'm determined, there's little you can do to defend against me with easy to use commercial tools. Windows has an encrypted filesystem feature, but there are (as there are with all such products) tools available over time that attack weaknesses in the storage of the 'keys' for that encrypted hard drive.
Manufacturers are starting to put hardware encryption actually into the hard drive mechanisms so an attacker would have no choice but to reinstall the operating system if he couldn't provide the right passphrase, but if you pick weak passwords, or write them on post-it notes taped to your laptop, then you're wasting your time if you think you are gaining something from any security tool.
New laptops include fingerprint scanners to make it easier to 'open' up stores of other credentials, and I think those are the beginnings of good user friendly technology. Because they are not foolproof, however, there are still alternate methods to get the data, ie a static password to log in to windows in case you get the sensor all cruddy or if your fingers get so dirty/greasy/unreadable that you cannot successfully log in thru the scanner. But I think the technology is promising (the gummy bear nonsense aside) in that it's easy to use, and it puts security into something that you're a) not likely to forget (you dont leave your fingers at home by forgetting to bring them with you) and that b) you couldn't readily make usable by other people by leaving them with the laptop (unlike passwords-on-post-it-notes). That said, the fingerprint is just a shortcut for *that* laptop to open up all your other passwords. If your data/applications use passwords you've GOT to take responsibility for choosing hard-to-guess ones that are easy to remember. There's tons of info on this around the web. Google 'choosing good passwords' and I'm sure you'll have reading for months.
I'm going to assume both laptops, at the very LEAST, are configured to require you to provide a username and password on startup. This is optional in many variants of Windows and MacOS, but it's the barest minimum any conscientious person should do to protect their data. If, after reading Dave's story, still think "hey, it's my laptop, not the company's, why should I make it hard for me to get at my stuff?", then you are Dave the night before this event happened, and you won't wake up until you're robbed like Dave was.
To protect data stored on the local drive hardware you could use something like PGPDisk to create another lettered drive (D:, E:, etc) which requires a passphrase to mount it (ie more than just logging in to Windows), and store all your data there (I say 'all' rather than 'all sensitive' because humans are creatures of habit, and you're more likely to *forget* to move something to that encrypted virtual hard drive if you only use it for 'some' items. But you've got to choose a *strong* (ie long and complex) passphrase for it to be useful. You want to make it harder for a thief to get the data, more work, more digging around - something you did *not* do by carrying your equipment in laptop bags (see more later on this). Again, that passphrase might be stored locally, depending on the product you use to create the encrypted virtual disk, but it's better than nothing. A purpose-built security tool like PGPDisk might be more likely to take strong countermeasures against a physical attack than a security 'feature' of an operating system like WIndows or MacOS (because PGPDisk's sole function is to provide security, its developers are focused on it - the OS developers have *lots* of competing design criteria on their plate beside 'security' when building the operating system).
Another glaringly obvious alternative if you're serious about preserving the stuff you *don't* need to travel with is: Don't Travel With It. Keep your long-lived items on an external drive at home. You wouldn't carry your photo album, college diploma, birth certificate, deed to your home, title to your car, etc, with you everywhere you go, so why carry your financial accounts, photographs, etc. in electronic format, particularly if it's your *only copy*.
Liability of the hotel: Nope. This one's your fault. They disclaim any and all liability for valuables left in the room, and they say so on their website and on the terms and conditions sheet you sign/initial when you check in, as well as on the signs on the back of the door.
If there's a safe in the room, you should have used it. If you insist on keeping valuables in your room (which, face it, we all do because it's 'easier' than using the hotel safe or lockboxes behind the front desk), they should have not been in any obvious container (camera bag, laptop bag, etc), and the bag they're in should have been locked.
Your goal is to raise the degree of difficulty for the thief. Theives steal because it's easier than working for a living. The more like 'work' you make it, the less likely you are to be a victim.
Laptop bags are like carrying around a 'hey, steal this bag' sign. Don't use them. You made targeting you *trivially easy* for the thief. I'd bet they didn't watch every room, but that they heard you say the room number aloud in the lobby or in the elevator while you were loaded down with very obvious "hey, computers are in here" luggage. They didn't try every room on your floor and leave all those doors open. They went to yours because they knew there was gear there. Worst case: hotel staff colluded with them to provide targeting information (I sound cynical, eh?).
Hope this helps and serves as something other than a complete "serves you right."