Chegg Security Breach

Dear Tulane community,

Tulane's Information Security Office is advising members of the Tulane community who may have signed up for Chegg.com using their Tulane email addresses, to update their Tulane.edu account passwords to a completely new password to avoid possible account compromise.
 
In 2018, Chegg.com, a company that offers textbook rental and tutoring services suffered a data breach resulting in the loss of 40 million customer records which included full names, email addresses, usernames, and passwords. Now the results of Chegg's 2018 data breach have been publicly exposed online, which poses a substantial threat. If users happen to reuse or slightly modify passwords across multiple services, publicly exposed credentials can be exploited.
 
Several universities across the nation have reported malicious use of these leaked email addresses and passwords which were contained in the Chegg breach. This is of concern for anyone who may have signed up for Chegg using their Tulane email address and a password similar or identical to their Tulane.edu password. Several Tulane students and alumni have reached out to the IT service desk affected by this breach of Chegg data.
 
Due to the commonality of password reuse across multiple platforms or services,
Tulane's password reset site can be found here. The IT service desk can be reached at 504-988-8888 or help@tulane.edu for assistance with password reset. The Tulane Information Security Office can be reached at security@tulane.edu.
 

Terry Laurent, GCIH GSEC GMON
Senior Security Engineer | Interim CISO | Information Technology