Chegg.com Breach

NJIT Information Services & Technology (IST) division is advising members of the NJIT community who may have signed up for Chegg.com using their NJIT email address, to update their UCID account passwords to a completely new password to avoid possible account compromise.

In 2018, Chegg.com, a company that offers textbook rental and tutoring services, suffered a data breach resulting in the loss of 40 million customer records which included full names, email addresses, usernames and passwords. As of last month, the results of Chegg's 2018 data breach have been publicly exposed online. If users happen to reuse or slightly modify passwords across multiple services, publicly exposed credentials can be exploited.

Several universities across the nation have reported malicious use of these leaked email addresses and passwords, which were contained in the Chegg breach. This is of concern for anyone who may have signed up for Chegg using their NJIT email address and a password similar or identical to their @NJIT.edu password. 

Due to the commonality of password reuse across multiple platforms or services, we are recommending affected users to reset their password. NJIT's password reset site can be found at http://myucid.njit.edu. As a general best practice avoid using the same password for multiple websites containing sensitive information.

The IT service desk can be reached at 973-596-2900 or servicedesk@njit.edu for assistance with password reset.

NJIT Cyber Safe and Secure

2019.10.03

Cyber security is our shared responsibility. Always STOP, THINK before you click or respond to any type of electronic communication.

Last Updated: October 3, 2019