Educational technology firm Chegg Inc. must boost its information security as part of a proposed agreement with the Federal Trade Commission for taking “shortcuts” with sensitive student data.
California-based Chegg employed lax data security practices since 2017, exposing information collected from its users and employees, the FTC alleged. The information at issue included Social Security numbers, dates of birth, sexual orientation, and other private information.
As part of a consent agreement with the commission, Chegg must limit its data collection, implement a security program, and enable multi-factor authentication, a security measure that requires a second step beyond a password.
“Chegg ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.