Company agrees to report to FTC for 10 years for alleged student data lapses
By 
Adrianne Appel2025-12-02T21:52:00
A tech company that stores student information for schools has agreed to implement a data security program and report to the Federal Trade Commission (FTC) for 10 years, after security failures led to data for 10 million students being breached.
Illuminate Education collects and stores personal student data, including birth dates and health conditions, on behalf of schools. A vendor allegedly alerted Illuminate in January 2020 that its network had big security flaws, but the company failed to address them, according to the FTC complaint.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefFTC’s $60 million Instacart case puts misleading fees in the spotlight
The U.S. Federal Trade Commission settled with grocery delivery giant Instacart over accusations of deceptive billing and subscription practices.
-
News BriefFTC orders GoDaddy to upgrade cybersecurity defenses following three breaches
The Federal Trade Commission has ordered web hosting company GoDaddy to implement a “robust” information security program following at least three data breaches that the agency said were aided by lax cybersecurity measures.
-
News BriefRobinhood to pay $45M fine to settle securities law violations by broker-dealers
Robinhood, a disruptive force in the market for Main Street investors but also a serial offender of securities laws, will pay a total of $45 million to settle numerous violations of SEC rules and regulations by two of its broker-dealers.
More from Regulatory Enforcement
-
ArticleFrench investigators target anticompetitive practices in largest accounting firms
Major accountancy firms in France are under investigation for anti-competitive practices. The French competition watchdog embarked on a series of “unannounced inspections” and removed documents relating to audit and reporting on Jan. 13.
-
ArticleEU investigation into Grok may expose problems with DSA rather than compliance failings
The European Commission has launched a formal investigation against Elon Musk’s X under the Digital Services Act over fears that its AI tool Grok may be producing and disseminating illegal material.
-
ArticleFormer ADM execs inflated operating profits, SEC alleges
Three former executives at Archer-Daniels-Midland intentionally misled investors by inflating the performance of the company’s Nutrition unit, the U.S. Securities and Exchange Commission has alleged.