AmiMoJo writes: Thanks to the European General Data Protection Regulation (GDPR), which will require companies and institutions to report data breaches and in many cases will force them to notify the public, too. Companies will be required to have the capability to detect breaches and perform a risk assessment. Reports must be made within 72 hours. Not following might be costly: GDPR fines for not following are (max): €10M or 2% worldwide turnover (whichever is higher). Organizations will no longer be able to hide serious breaches out of fear for their stock value.