Keeping a hack of your enterprise should be difficult. Some find it easy.
“Uber CEO Knew of Hack for Months,” The Wall Street Journal, November 24, 2017 A1. Uber was hacked in October 2016 (they say), affecting 57 million accounts. Less than Yahoo’s 3 billion, and Equifax’s 145 million. The CEO learned of the breach in September 2017, shortly before taking the top job. Uber also paid the hackers $100,000 to destroy some of the stolen data.
Would they have disclosed it at all if they weren’t seeking outside financing?
What’s your obligation to disclose to your customers that their information may have been stolen from you?