I just got an automated response email from a company that had someone elses registration info in it. The person that responded to the email expressing my concerns refuses to acknowledge that there is a problem.
I've think i've heard you are legally required to hash certain sensitive information (credit card info for example) even if it is in a secure database. This seems much worse....
Is there a government agency or something that can do something about this issue if I make a complaint?
Generally for consumer issues you want to contact either your state's Attorney General (and possibly the AG for the state that the company is based in) and the FTC. Though I doubt they will do too much about an issue like this, you're better off just complaining to the company in question and let them know that you won't be doing business with them until this issue is resolved.
I'm not sure about the government, but you can look to see if the business is listed with the better business bureau. You can always file a complaint with them.