ShellCodeX Breach Report
Chegg Data Breach
chegg.com
Verified breach
Passwords exposed
Accounts exposed
39,721,127
Breach date
28 Apr 2018
Added to tracker
16 Aug 2019
Data classes
6
What happened
In April 2018, the textbook rental service Chegg suffered a data breach that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes. A small number of records also contained physical address or phone number.
Exposed data
Email addresses
Names
Passwords
Phone numbers
Physical addresses
Usernames
Recommended actions
- Change your Chegg password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Chegg โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP