That was what a friend asked me recently. He surmised that it had "something to do with all the Facebook issues." That is partially correct. Having Mark Zuckerberg testify to the U.S. Senate and then to the European Parliament certainly put a spotlight on these issues.
But what really pushed companies was the EU's General Data Protection Regulation (GDPR) which went into effect this week. Since most websites are global, even if they don't think of themselves as being global, most big companies decided to adopt the GDPR standards for everyone, including their U.S. clients.
These new changes seem to me to be a good and necessary next step. Add to the Facebook spotlight and GDPR the fact that Google's Chrome browser in its July 2018 version 68 release will mark all HTTP sites as “not secure.” Having the HTTPS ("S" for secure) in that URL will become important. If your site appears to users as NOT SECURE, you can expect people to click away from it.