Company agrees to report to FTC for 10 years for alleged student data lapses
By 
Adrianne Appel2025-12-02T21:52:00
A tech company that stores student information for schools has agreed to implement a data security program and report to the Federal Trade Commission (FTC) for 10 years, after security failures led to data for 10 million students being breached.
Illuminate Education collects and stores personal student data, including birth dates and health conditions, on behalf of schools. A vendor allegedly alerted Illuminate in January 2020 that its network had big security flaws, but the company failed to address them, according to the FTC complaint.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
ArticleDisney pays $2.75M to California for alleged privacy violations
Disney has agreed to pay $2.75 million to settle allegations by California that its streaming service sold the personal information of subscribers without their permission.
-
News BriefFTC’s $60 million Instacart case puts misleading fees in the spotlight
The U.S. Federal Trade Commission settled with grocery delivery giant Instacart over accusations of deceptive billing and subscription practices.
-
News BriefFTC orders GoDaddy to upgrade cybersecurity defenses following three breaches
The Federal Trade Commission has ordered web hosting company GoDaddy to implement a “robust” information security program following at least three data breaches that the agency said were aided by lax cybersecurity measures.
More from Regulatory Enforcement
-
ArticleCMA holds companies responsible for false claims, fake reviews ‘throughout supply chain’
Companies face large fines if they spread false marketing claims or fake reviews about their products and services—as well as those by suppliers—under a toughened competition regime in the U.K. aimed at enhancing consumer protection.
-
ArticleFTC warns VISA and other processors that company policies may lead to debanking
Visa, Mastercard, PayPal, and Stripe have received letters from the Federal Trade Commission, warning the companies to end any policies or terms of service that may result in the “debanking” of customers.
-
ArticleDOJ makes good on corporate-friendly enforcement policy with Balt resolution
The ink was barely dry on the U.S. Department of Justice’s new corporate enforcement policy (CEP) when the agency announced it would not prosecute Balt SAS for alleged bribery violations.