Hackers Have Stolen Sensitive Data of 700 “Chegg” Employees

• Someone has managed to breach Chegg’s systems, stealing the names and SSNs of current and former employees.
• The exposed individuals are now running the risk of falling victims to identity theft attacks.
• Chegg is actively addressing the problem by offering two years of fraud protection, as well as by covering an insurance amount.

Chegg has disclosed a data breach that happened on April 9, 2020, involving a successful hacking attempt against its systems. The incident has affected approximately 700 current and former employees of Chegg USA. The company realized the breach the next day and initiated an investigation immediately. At the same time, they informed the law enforcement authorities and the California Data Protection officer, and they contracted a third-party forensic expert to aid them in the investigation.

According to the notice of data breach circulating right now, the data that has been exposed as a result of this incident includes the full names and the social security numbers of seven hundred people. This could potentially enable malicious actors to conduct identity fraud acts. So, as a precautionary measure, Chegg is offering two years of credit monitoring services at Experian “IdentityWorks.” Moreover, the company is providing up to $1 million of insurance coverage for identity theft and unauthorized financial transactions cases. The affected individuals should register for this program by July 31, 2020, or call (855) 89604452 to contact the Experian customer support and figure whether or not they have been exposed.

Besides that, you should be careful how you handle unsolicited messages, via either email or SMS. You are advised to monitor your account statements and credit history regularly, and also to stop using credentials that involve part of your name on the email address. Finally, placing your bank account in a security freeze state so that actors can’t submit fraudulent loan requests wouldn’t be a bad idea either.

Remember, your social security number is linked with tax returns, W-2s, bank statements, forms from the U.S. Citizenship and Immigration Services, etc. That said, if you receive an email claiming to be from these offices, it most probably came from phishing actors who will also use your SSN as a proving and convincing element.

Chegg is an American education technology company that serves over three million subscribers. As we are still in the middle of the COVID-19 pandemic lockdown, the platform is likely dealing with a sudden influx of users, so securing its systems now is more critical than it ever was. Failing to defend against a hacker attack isn’t a very good development for them at this moment. Clients who access Chegg’s services such as textbook renting and the internship access portal are paying for these services. Although this incident doesn’t involve client payment data, it certainly isn’t beneficial for the platform’s reputation.