Personal data owners are often told of a breach from the corporation long after the perpetrators have taken the data. T-Mobile made their announcement after the hackers announced that they had the data. Soon Ohio will have a new Data Privacy law to help protect individuals. Maybe one day the federal government will have GDPR-like laws.
Proactive cyber security begins with ISO, NIST and NAID certified TechR2.