Chegg avoids fine in deal with FTC over cybersecurity lapses
By 
Aaron Nicodemus2022-10-31T17:25:00
The Federal Trade Commission (FTC) ordered education technology provider Chegg to fix problems and weaknesses with its cybersecurity program that led to the exposure of personal and financial data of 40 million customers in four data breaches since 2017.
In agreeing to the order, Chegg promised to “bolster its data security, limit the data the company can collect and retain, offer users multifactor authentication to secure their accounts, and allow users to access and delete their data,” the FTC said Monday in a press release.
Chegg neither admitted nor denied any of the allegations in the FTC complaint, except as specifically stated in the decision, according to the FTC’s order.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleGeopolitical risks and global threats drive emerging national security compliance teams
Geopolitical uncertainty is becoming the defining feature of the decade, and global powers are increasingly using geo-economic power to promote national interest and defend their critical interests. Multinational companies, consultants, and global law firms are responding by setting up dedicated national security teams.
-
ArticleEU data regulators support loosening cybersecurity compliance requirements
The European Union’s key data privacy regulators have said that they support streamlining compliance and reporting requirements under plans to beef up cybersecurity across the 27-nation bloc.
-
ArticleEU prioritizes AI regulation and frameworks, despite Omnibus delays
The EU announced delays to some of its landmark AI regulations in its Digital Omnibus in December, but the AI Act has not gone away. Compliance leaders must beware complacency and ensure they follow the debate and note new deadlines as they emerge.
More from Regulatory Enforcement
-
ArticleCMA holds companies responsible for false claims, fake reviews ‘throughout supply chain’
Companies face large fines if they spread false marketing claims or fake reviews about their products and services—as well as those by suppliers—under a toughened competition regime in the U.K. aimed at enhancing consumer protection.
-
ArticleFTC warns VISA and other processors that company policies may lead to debanking
Visa, Mastercard, PayPal, and Stripe have received letters from the Federal Trade Commission, warning the companies to end any policies or terms of service that may result in the “debanking” of customers.
-
ArticleDOJ makes good on corporate-friendly enforcement policy with Balt resolution
The ink was barely dry on the U.S. Department of Justice’s new corporate enforcement policy (CEP) when the agency announced it would not prosecute Balt SAS for alleged bribery violations.