"FTC Orders Chegg to Improve Security Following Multiple Data Breaches"

The Federal Trade Commission (FTC) recently announced that it has reached an agreement with education technology provider Chegg over the company’s cybersecurity failures leading to several data breaches.  Chegg is based in California and provides student services such as online tutoring and digital and physical textbook rentals to high school and college students.  The security mishaps, the FTC says, have exposed the personal information of tens of millions of customers and employees, including their Social Security numbers, email addresses, and login information.  The FTC noted that since 2017, Chegg allegedly experienced four security breaches, but the company failed to implement the necessary protections.  The FTC is now requiring the company to improve its security stance, to collect less personal data than before, to allow users to access and erase their data, and to implement multi-factor authentication (MFA).

SecurityWeek reports: "FTC Orders Chegg to Improve Security Following Multiple Data Breaches"