Simple reason for not disclosing — potential for getting sued.
More complex reasons — continuity of operations, competitive pressures, effect on stock prices, fear and embarrassment.
Certainly public acknowledgment of an attack can trigger legal obligations, potentially turning corporate offices into a crime scene where employees are unable to work to shut out attackers.
Source: Here’s why companies leave you in the dark about hacks for months – LA Times