It’s a perfect 21st century PR conundrum: You’re a big company. Your servers got hacked. Now you have to make a decision: Go public? Hold back? Deny everything? More and more big-name brands are taking the “strength in numbers” approach by admitting that they were “compromised”–as long as their competitors do it first.

Google was the first big brand to call itself the victim of cyber hackery back in 2010, and since then others have joined the growing chorus: Earlier this month it was Twitter, followed by Facebook, Apple, The Wall Street Journal, The Washington Post and The New York Times. (Burger King and Jeep had their Twitter feeds hacked this week, but that’s a different thing entirely.)

Some brands, like Bloomberg, continue to issue less-than-believable denials. We understand the desire to avoid saying “Yes, we were hacked by China”–but this kind of stubbornness can make brands look worse, especially when third-party sources confirm the reports.

Should companies go public after being hacked to get ahead of the story? Or should they hide in the shadows and issue no comment until the time is right?