While our primary concern is the minors involved here, many of the victims were also Chegg employees. There were millions of minors affected by this breach and many college students. The FTC filed the lawsuit after three breaches occurred in as many years. The only people that offered data such as orientation, religion, income, and social security numbers were students who input such for Chegg's scholarship-finding feature. Chegg left the site's back end open to malicious actors, resulting in massive data leaks and terrifyingly large numbers of victims. In some instances, data such as sexual orientation, disabilities, religion, and parental income were all involved in the Chegg breach. The stolen information varied depending on the student but mainly consisted of the stolen emails, names, passwords, and social security numbers. While Chegg's privacy policy stated that the company would take "commercially reasonable security measures" to protect students, the information was poorly protected, resulting in the violation. The initial attack that affected students occurred when "Chegg took shortcuts with millions of students' sensitive information," said the FTC's director of the Bureau of Consumer Protection, Samuel Levine. Chegg reached an agreement with the FTC to settle the charges, which "agreed to adopt a comprehensive data security program." How Did the Attack Occur? As a result, the Federal Trade Commission, or FTC, has become involved. The stolen information was found for sale on the dark web. These were a combination of employees, outsider contracts, and students. In 2018, Chegg became the victim of a massive hack that affected 40 million individuals.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |