After GDPR took effect in May 2018, the security community, analysts, and the media were all attempting to speculate about the impact that GDPR would have in the way in which breaches were reported, when they were reported, and where they were being reported most.