Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Chegg’s 40 m Users to be Issued Fresh Passwords in the Aftermath of Hack


Education technology firm Chegg situated in Santa Clara, USA is considering creating fresh passwords for more than 40m consumers after it discovered one security breach occurring earlier this year. Founded during 2005, Chegg provides textbook rental and online tutoring services through its chegg.com portal. The said breach affected database comprising those related to Chegg website users as well as the firm's EasyBib citation service. Chegg informed about the breach through one 8-K form [1, 2] it submitted to the Securities and Exchange Commission, 25th September, 2018.

It's only on 19th September that Chegg uncovered the hack, it reported within its filing with the SEC; however, the intrusion occurred on April 29, 2018. According to the firm, an unauthorized entity acquired admission into Chegg's company database which supports consumer data obtained from chegg.com along with one of the firm's brand groups, namely EasyBib. In 2013, Chegg opened up for the public, so now its valuation is $3.3bn.

The security breach against Chegg is presently undergoing investigation. Chegg presumes the cyber thugs managed getting hold over user data like e-mail ids, names, usernames and passwords for the firm's website, and postal addresses.

Incidentally, Chegg uses certain hashing algorithm to protect account passwords, while it doesn't save the credentials in cleartext. However, the firm didn't tell the name of the hashing algorithm it uses, which's significant since a lot of algorithms are easy to crack with the passwords taken back in their plaintext styles.

In its filing Chegg further stated that the hackers couldn't get their hold over either bank account/payment card details or Social Security Numbers of its consumers. Meanwhile, the notification procedure by Chegg, according to Phil Hill a consultant for education technology, hadn't yet begun the next day of the 8-K form's submission.

Hill said the firm in his opinion required informing the SEC because of its nature of getting traded publicly. However, the firm appeared as putting more attention on its stock price than notifying the common people appropriately.

TechCrunch a technology news website scooped about Chegg's fallback, indicating the downward trend of the firm's stock price by 10% following the hack.

» SPAMfighter News - 02-10-2018

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next