Chegg is a school-help platform that millions of high school and college students use. The site even has features that allow students to look for college scholarships tailored to them.
The breach was a leak and sale of tens of millions of records, including Chegg employees and users. The leaked data included emails, addresses, and names in most cases, while special cases involved the victims’ social security numbers, disability data, religion, sexual orientation, and parental income. This data was only associated with students who input such for the scholarship finder on the site.
The breach occurred when, according to The New York Times, Chegg left its systems without password verification, allowing the hacker to easily access millions’ personal information. In November 2022, four years after the breach, the FTC made the same claim and filed a class action lawsuit, resulting in a settlement with Chegg, and the company then promised to input higher-level security measures.
This breach occurred in 2018.
The breach appears to have impacted every Chegg user and employee. Most of Chegg’s customers are minors; the site is tailored specifically to college students and high schoolers, meaning many victims are very young.
The breach affects an approximated number of 40 million individuals. While the main concern for most people is the minors involved, one must also consider the employees and parents affected by the breach.