In theory, responding to a data breach should be straightforward. Alert all affected, communicate next steps, and then make plans so that it doesn’t happen again. But it doesn’t always work out that way.
Apologies for picking on Yahoo and Target, but as an example, both companies failed at incident response. In September 2016, Yahoo said that data associated with 500 million user accounts was stolen two years earlier. In December, the company disclosed that another 1 billion accounts were hacked in 2013.