If Apple had a security breach, and it seems like a massive one given the circumstances, are they not required by California law to report it to their customers?
They did report that there was a breach, that some personal data about developers (but no credit card info or passwords) was stolen and that they are restoring the developer center.
That's more than enough reporting. If you want a full post-mortem, that's likely not something you'd get from a public company as big as Apple
You wouldn't get a full post-mortem from a company like Apple, because they are wilfully intransparent. My employer (Spotify) for example posts somewhat detailed post-mortems[1] after big outages - doing this always comes with a spike in job applications so it's positive in several ways.
Another comment mentioned that AWS post-mortems are also detailed and public, they don't really have another choice because their customers have their infrastructure running on AWS - so they want to know what happened and not be left in the dark.
AWS always gives full and detailed postmortems. I wouldn't say it is a trait of big companies specially not to disclose to customers, but it is something I would expect Apple to probably do.
That's more than enough reporting. If you want a full post-mortem, that's likely not something you'd get from a public company as big as Apple