Chegg Inc. and the FTC’s Order Against Them Is a Wake-up Call for Data Privacy Strategy

MarketScale
Dec 8, 2022
Learn more
Chegg data breach data privacy FTC

 

The FTC’s order against Chegg is a wake-up call for businesses everywhere and their current data privacy strategy. Chegg Inc. (“Chegg”) has been punished by the Federal Trade Commission (FTC) for its “careless” cybersecurity practices that exposed the sensitive personal information of its customers and employees.

Chegg, according to the FTC’s complaint, stored customer data in plain text on its network. This data includes names, email addresses, Chegg usernames and passwords, shipping addresses, and answers to security questions. Employee information, such as names, Social Security numbers, bank account information, and driver’s license numbers, was also stored in plain text on Chegg’s servers. To top it off, Chegg stands accused of failing to secure its network properly, thus allowing a hacker to access Chegg’s network and steal private information.

According to the FTC, Chegg violated the Gramm-Leach-Bliley Act and the FTC Act by not securing its network and storing sensitive data plainly. As part of the settlement, Chegg will develop a comprehensive information security program and will obtain independent assessments of the program every two years. In addition, Chegg will be subject to FTC oversight for 20 years to come.

The FTC’s order against Chegg is a wake-up call, not only for educational technology companies in the education sector but also for school districts and schools public and private alike. The FTC order against Chegg was because of, as the FTC determined, failure to implement commercially reasonable security measures.

Sai Huda, CEO of CyberCatch, is a globally recognized risk and cybersecurity expert and author of the best-selling book “Next Level Cybersecurity.” He gives MarketScale his thoughts on why companies should pay attention to Chegg’s mistakes, and learn from them to ensure their business’s data stays private, but also, where Chegg went wrong, and how businesses can reform their strategies to meet commercially reasonable security measures.

Sai’s Thoughts:

“Chegg had multiple phishing attacks that were successful. Chegg had other deficiencies that attackers exploited to steal over 40 million students and consumers’ data, which included parents and finally, the FTC said Enough is enough. So the question is, what do commercially reasonable security measures mean when FTC describes them?

It is really complying with a standard such as NIST cybersecurity framework. There are 108 controls, and this is really what educational technology companies minimally must implement and comply with, but also school districts and schools public and private alike should really implement those 108 controls.

These controls are prevention, detection, and response. That is an adequate defense and that will enable schools or even technology companies to be able to make the assertion that it has implemented commercial and reasonable security measures.

Follow us on social media for the latest updates in B2B!

Image

Latest

Marketing AI adoption
Marketing AI Adoption in B2B Enterprises
January 30, 2025

Aby Varma, founder of Spark Novus, leads a discussion on how AI is reshaping marketing within large B2B enterprises. He speaks with Shonodeep Modak, CMO of Schneider Electric’s Energy Management Business, about their AI journey, operational challenges, and strategies for successful AI adoption in marketing. They highlight lessons learned, misconceptions, and the future of…

Read More
frameworks
The Framework Series Advantage: Actionable Frameworks Drive Business Success
January 29, 2025

Businesses often invest heavily in training programs and methodologies, only to see them underutilized or abandoned due to complexity. This challenge underscores the importance of adopting streamlined, actionable frameworks that drive real results. Research shows that many small businesses struggle due to ineffective strategies and a lack of practical implementation tools. How can organizations…

Read More
AI sales and marketing tools
AI Sales and Marketing Tools Are Changing the Game But Are They Helping?
January 29, 2025

Over the past decade, marketing has become increasingly data-driven, with AI sales and marketing tools promising deeper insights and improved decision-making. Businesses have invested heavily in AI and automation, believing that more data equates to better performance. However, this shift has also created unintended challenges. According to a study by Gartner, only 54% of…

Read More
content marketing
The Smart Way to Invest in Content Marketing: From Digital Clutter to Strategic Impact
January 29, 2025

The digital marketing landscape is more fragmented than ever, with brands scrambling to maintain visibility across many platforms. Traditional approaches to content distribution often resemble a game of darts, blindly throwing messages across every channel, hoping something sticks. With businesses facing tighter budgets and increasing pressure to achieve measurable results, marketers must refine their…

Read More
Related
laser-guided package
Software & Technology
Captivating Introduction: Laser-Guided Package Delivery
January 27, 2025
package management
Healthcare
Why Smart Package Room is the Future of Package Management
January 27, 2025

Discover the innovative future of package handling with Smart Package Room, highlighted in a recent discussion featuring Greg Brandner, Head of Marketing, and Shelly Peterson, Senior Director at Smart Package Room. Their dialogue addresses the growing demand for seamless package management in residential developments, the intricacies of Position Imaging’s tracking technology, and how these…

Read More
retail
Healthcare
Self-Service BOPIS and Other Retail Trends
January 26, 2025

In a recent episode of the Intelligent Logistics Podcast, hosted by Position Imaging, Greg Brantner, Director of Marketing and Matthew Knopf, VP of Partnership, discuss the shift in consumer buying habits, the rise of omni-channel shopping, and the evolving technology trends in retail. Retail Landscape and the Rise of Omni-channel Shopping Online shopping in…

Read More