Skip to main content
Skip to navigation

Regulatory Enforcement

Chegg avoids fine in deal with FTC over cybersecurity lapses

By Aaron Nicodemus2022-10-31T17:25:00

The Federal Trade Commission (FTC) ordered education technology provider Chegg to fix problems and weaknesses with its cybersecurity program that led to the exposure of personal and financial data of 40 million customers in four data breaches since 2017.

In agreeing to the order, Chegg promised to “bolster its data security, limit the data the company can collect and retain, offer users multifactor authentication to secure their accounts, and allow users to access and delete their data,” the FTC said Monday in a press release.

Chegg neither admitted nor denied any of the allegations in the FTC complaint, except as specifically stated in the decision, according to the FTC’s order.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

Opinion
From enforcer to coach: Engineering compliance that happens at speed

2026-03-13T15:48:00Z By Tegan Gebert, Chris Audet and Doug Eckstein, CW guest columnists

New Gartner research reveals why traditional risk management is failing to keep pace with modern risks, and outlines how compliance leaders must enable organizational risk owners to build an instinctive Risk Reflex.
Opinion
Leveraging COSO to mitigate AI risk: A step-by-step guide

2026-03-12T20:37:00Z By Jonny Frank and Michael Costa, CW guest columnists

AI elevates compliance, or exposes it. The technology presents compliance leaders and lawyers with an extraordinary opportunity to elevate their roles, as well as an equally extraordinary risk of accountability when AI fails, misleads, discriminates, hallucinates, or generates unreliable outputs.
Article
SEC enforcement priorities revert back to basics

2026-03-12T20:00:00Z By Jaclyn Jaeger

Recent pronouncements made by the U.S. Securities and Exchange Commission leadership, alongside the recent overhaul of the SEC Enforcement Manual, collectively signal a back-to-basics enforcement approach that appears beneficial for companies in their dealings with the agency.

More from Regulatory Enforcement

Article
FCA drive to reduce its investigation costs likely to add to compliance burden for smaller firms, warn experts

2026-03-11T21:35:00Z By Neil Hodge

The U.K. financial regulator’s move towards “impactful deterrence” could see smaller and mid-size firms come increasingly under the spotlight as the watchdog aims to tackle market-wide concerns instead of primarily focusing on large players capable of doing the most harm.
Article
International agents take down major site where criminals traded stolen corporate info

2026-03-10T14:57:00Z By Adrianne Appel

A major online site used by cybercriminals to buy and sell information stolen from corporations and individuals worldwide has been shut down by an international enforcement action, the Department of Justice announced.
Article
Luxury brands told to tighten AML compliance as Dutch regulator fines Louis Vuitton

2026-03-10T14:57:00Z By Ruth Prickett

Money laundering is no longer a concern just for financial services and real estate. It is everybody’s business. But are most businesses adequately prepared for tighter AML rules? What does compliance need to know?