FTC issues cybersecurity warning to Chegg

Chegg, the American company that offers textbook rental and homework related online services to school and college students, has been asked to revamp its security practices. Failing which it will be eligible to go through harsh legal practices and hefty financial implications.

The Federal Trade Commission found in its investigations that the company was storing sensitive information about millions of its student customers and employees without following a basic security hygiene. This includes social security numbers, email addresses and passwords to access the services on the application.

Such practices in-turn led to 4 security breaches since 2017 and so the company was asked to revamp its security practices while collecting and storing data with authentication and biometrics that need to be followed by the staff.

Samuel Levine, the Director of FTC’s Bureau of Consumer Protection, acknowledged the news as true and clarified that after a 6 months period, the data watchdog will again review the security practices and then act aggressively.

Chegg that offers educational services online is sure to leap this issue with ease, as it has already revamped it’s in-house security practices related to data protection and its security.

NOTE- Because of lax security practices, a former contractor belonging to Chegg could steal data of nearly 40 million users by exploiting the company’s AWS cloud server. The contractor then sold information belonging to employees and other contractors on an online forum.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display