Chegg, an American educational technology company, has confirmed a data breach, the third time in the last three years. The latest saw hackers stealing 700 records associated with the firm’s current and former employees. The stolen records contained the employees’ Social Security Numbers and other personally identifiable information.
Following the breach, the firm immediately launched an investigation together with law enforcement and a third-party digital forensics to determine what has happened.
In 2018, Chegg’s database was targeted by hackers who successfully accessed the firm’s database containing the information of 40 million customers. This was followed by another incident involving Thinkful, an online education platform acquired by Chegg the following year. The 2019 incident was acknowledged by Chegg right away and confirmed that malicious actors have exposed user accounts.
A day before the news of the latest breach emerged, a federal judge ruled that a lawsuit pertaining to the 2018 security incident must proceed to arbitration.
Paul Norris, a senior system engineer at Tripwire, said that multiple data breach involving Chegg highlights the firm’s need to strengthen its efforts to protect their employees and customers against identify theft.