Educational technology firm Chegg Inc. must boost its information security as part of a proposed agreement with the Federal Trade Commission for taking “shortcuts” with sensitive student data.
California-based Chegg employed lax data security practices since 2017, exposing information collected from its users and employees, the FTC alleged. The information at issue included Social Security numbers, dates of birth, sexual orientation, and other private information.
As part of a consent agreement with the commission, Chegg must limit its data collection, implement a security program, and enable multi-factor authentication, a security measure that requires a second step beyond a password.
“Chegg ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.