By Katharine Jackson
WASHINGTON (Reuters) -Education technology company Chegg Inc agreed to bolster its data protections as part of a consent agreement reached with the U.S. Federal Trade Commission (FTC), which had criticized company security practices, saying they exposed the personal data of millions of users.
The agency alleged that Chegg failed to act after suffering four security breaches since 2017, exposing sensitive information like dates of birth, family heritage and passwords.
The proposed FTC order would require the company to limit the data it can collect, offer users access to data collected about them and implement multifactor authentication, the commission said in a statement on Monday.
Marc Boxser, a spokesperson for Chegg, said the company had worked with the FTC to “find a mutually agreeable outcome and will comply fully” to resolve issues that it said took place more than two years ago.
(Reporting by Katharine Jackson; Additional reporting by Diane Bartz; Editing by David Gregorio)
