Higher Education

FTC orders Chegg to improve ‘lax security’

The Federal Trade Commission has given edtech company Chegg 90 days to improve its data security practices.

January 30, 2023

(Sarah Kerver / Getty Images for Chegg.com)

The Federal Trade Commission on Friday ordered Chegg, the homework help and textbook rental company, to step up its data security practices.

FTC commissioners voted 4-0 in favor of finalizing an order that outlines steps Chegg must take to improve its data security practices, including limiting the data the company collects and stores, introducing multifactor authentication options and allowing users to access their information and delete it. The order follows a complaint the FTC filed against Chegg last year for failing to adequately protect the personal information of its customers and employees following four data breaches affecting more than 40 million users.

Effective Jan. 27, Chegg has 90 days to develop a comprehensive information security plan, Nextgov‘s Alexandra Kelly reported.

“Chegg took shortcuts with millions of students’ sensitive information,” Samuel Levine, director of the FTC’s Bureau of Consumer Protection, said in a press release. “Today’s order requires the company to strengthen security safeguards, offer consumers an easy way to delete their data, and limit information collection on the front end.”

In a statement first shared in October, a Chegg spokesperson said that data privacy is top of mind for the company.

“Chegg worked cooperatively with the Federal Trade Commission on these matters to find a mutually agreeable outcome and will comply fully with the mandates outlined in the Commission’s Administrative Order,” read the statement, which noted that the last data breach was more than two years ago and that no monetary fines had been imposed. “Chegg is wholly committed to safeguarding users’ data and has worked with reputable privacy organizations to improve our security measures and will continue our efforts.”

Chegg, once only a humble textbook rental service, is now a major public educational technology company that offers a wider range of subscription services, including online tutoring and homework help. The company is scheduled to report its Q4 2022 earnings Feb. 6.

More Like This

More Scoops

FTC orders Chegg to improve ‘lax security’

More Like This

Clemson creates new VP position for tech modernization

University of Kentucky publishes AI policies for research

Boston University calls for ‘critical embrace’ of generative AI in new report

More Scoops

Securing educational institutions in the digital age

New York college agrees to $3.5 million cybersecurity investment following data breach

All colleges hit by ransomware got data back, says survey

Johns Hopkins faces class action lawsuit over MOVEit cyberattack

CISA urges organizations to patch MOVEit after 3 new vulnerabilities found

University students sue ticketing platform over data breach

University deadline looms for updated Safeguards Rule

Latest Podcasts

FTC orders Chegg to improve ‘lax security’

CIO Matt Gunkel on how gen AI is transforming UC Riverside

Finding the right place for generative AI in the classroom

New REN-ISAC director wants to build ‘trust community’

Higher Education

K-12

Cybersecurity

Hybrid Learning