1. Please don't tell people what to say or what not to say - it's rude. If you'd like me to clarify what I meant, ask. Please don't demand another poster behave in a certain way.
2. Companies, across the world, are being hacked every day. To varying degrees of success.
https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
Data breach statistics show an increase in the number of data compromises in recent years, whereas the number of impacted individuals decreased.
www.statista.com
"In 2019, the number of data breaches in the United States amounted to 1,473 with over 164.68 million sensitive records exposed. In the first half of 2020, there were 540 reported data breaches."
I have no idea what company you work for. Or if they've ever been successfully hacked. Suggesting it's not a steady, world-wide, constant very expensive problem is unrealistic. Law enforcement, commercial crime, cybercrime, insurance agencies and simple, easily-searched statistics disagree with you in multiple cases. That's why 2FA is more and more common; that's why such strenuous measures are taken to protect your data.
Being hacked is hardly "normal" but it is also a steady and increasing occurrence in the modern global climate.
Not sure what you're suggesting - that CDPR is a special case? That it is deserved? That they are to blame? That because your company, clients and/or you yourself haven't been subjected to this kind of thing, it's not an ongoing, global issue? You aren't clear on what you are saying, other than to tell me I can't say that companies are hacked every day and it is a steadily increasing issue.