When it comes to protecting customer data, speed and precision are your best friends. Unfortunately, too many companies don’t have the IT capabilities to identify a data breach or to adequately investigate an event after it happens. As a result, customer data can virtually linger indefinitely before protective action can be taken, such as changing passwords or otherwise ensuring data integrity. This incident serves as an important reminder that every business needs to enlist in services that help proactively monitor and protect customer data.

Data security is increasingly top of mind for consumers. For companies operating in a highly competitive marketplace, it can mean the difference between keeping your customers happy while increasing revenue or losing them forever. Therefore, businesses of every size need to meet the moment by understanding their vulnerabilities, embracing best practices for cyber defense, and building a breach response action plan.

Although Tomo states that data privacy is one of their top concerns, their actions say otherwise. Companies demonstrate their priorities by actively securing their customers’ data and by having a response plan ready in case a breach occurs. Knowing what happens to data after it is stolen and having deliberate channels to communicate this information to your customers are both critical to hastening the recovery process and restoring customer confidence in your brand.

Providing a seamless, secure online experience is a critical component of any organization’s relationship with its constituents in the digital age. However, these efforts are undermined when data breaches occur at checkout and are not discovered for months on end. In order to increase the ROI of any e-commerce experience and avoid legal penalties, companies and institutions must be able to detect potential misuse of user data.

Thinkful’s data breach announcement is especially problematic since it immediately followed news that the company was being acquired by Chegg. It’s unclear how this cybersecurity incident will impact the deal, but cybercriminals often target small companies before an acquisition, hoping to infiltrate their IT infrastructure before coming under the protection of the larger, more robust system of their new parent company.