Chegg Data Breach Affects 40 Million Customers
The hack dates back to April 2018, and compromised information includes email addresses and passwords.
- By Jordan Lutke
- Sep 28, 2018
Textbook rental giant Chegg reported to the Securities and Exchange Commission (SEC) Wednesday that they had discovered a security breach affecting over 40 million users.
The report was discovered last week, but the intrusion allegedly began in April 2018. Chegg reported that “an unauthorized party gained access to the company database that hosts user data for chegg.com” in the SEC filing.
Chegg said the hack gained access to user names, email addresses, shipping addresses, and chegg.com passwords. The passwords were stored with a hashing algorithm, but it was not stated which one. Hashing algorithms can be broken, rendering the deciphered data in plain text.
However, Chegg did say that hackers did not gain access to Social Security numbers or financial information, such as credit card or bank account numbers. The company said it plans to reset all user passwords.
As a result of the data breach, Chegg’s stock plunged more than 12 percent. Other companies have had bad luck with data breaches as well, with Under Armour having suffered a similar attack in March. This breach comes on the heels of British Airways having their mobile app that compromised information for nearly 400,000 card payments.
Jordan Lutke is an intern with 1105 Media.