The responsibilities don't end when the breach happens. And while the cat is out of the bag, knowing it has happened is also important to contact customers, fulfil legal disclosure with regulators (eg. GDPR), and for triggering investigations and forensics.
