The US education technology company Chegg discloses a security breach that took place in early April, the firm already sent notifications to its employees.
The data breach notification sent on April 28 inform the employee of a security breach that impacted some of their personal information.
Based in Santa Clara, Chegg provides digital and physical textbook rentals, online tutoring, and other student services to over three million subscribers.
The data breach was discovered on April 10, 2020, threat actors could have stolen the information of both current and former employees. The personal information that may have been stolen by the attackers included employees’ names and social security numbers.
“On April 10, 2020, we learned that, on or about April 9, 2020, an outside hacker may have illegally obtained employee information for approximately 700 current and former U.S. Chegg employees,” reads the notice of data breach published on the California Attorney General’s website.
“An investigation was immediately commenced, a leading third-party forensic firm was retained to assist, and we notified law enforcement. We believe that your information may have been obtained, which is why you are receiving this notice.”
Chegg notified local authorities and is investigating the incident with the help of a third-party forensic firm.
The company is offering impacted employees free credit monitoring and identity theft protection services provided by Experian. It is also taking steps to further reinforce safeguards in place prior to the
At the time there are no technical details about the attack, it is not clear if the incident is related to two data breaches that the company reported over the past years.
Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS
(SecurityAffairs – Chegg, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.