ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Chegg Data Breach

chegg.com
Major exposure
Verified breach Passwords exposed
Accounts exposed 39,721,127
Breach date 28 Apr 2018
Added to tracker 16 Aug 2019
Data classes 6

What happened

In April 2018, the textbook rental service Chegg suffered a data breach that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes. A small number of records also contained physical address or phone number.

Exposed data

Email addresses Names Passwords Phone numbers Physical addresses Usernames

Recommended actions

  • Change your Chegg password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Chegg โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP