Consumers Affected
10,100,000
The FTC proposed a consent order against Illuminate Education, Inc. for failing to secure student data, leading to a breach affecting over 10 million students. The company allegedly had security failures and delayed breach notifications. The order requires a data security program, data deletion, and a retention schedule.
The proposed consent order prohibits misrepresentations about data security and breach notifications, requires deletion of unnecessary data, implementation of an information security program, adherence to a public data retention schedule, and reporting of data breaches to the FTC if reported elsewhere.
Entity
Illuminate Education, Inc.
Also known as: Illuminate Education
Industry
EducationOfficial Press Release
https://www.ftc.gov/news-events/news/press-releases/2025/12/ftc-takes-action-against-education-technology-provider-failing-secure-students-personal-data
2223105illuminatecomplaint
https://www.ftc.gov/system/files/ftc_gov/pdf/2223105illuminatecomplaint.pdf
2223105illuminateacco
https://www.ftc.gov/system/files/ftc_gov/pdf/2223105illuminateacco.pdf
Federal Trade Commission Enforcement Page
https://www.ftc.gov/enforcement
$5.1M
Illuminate Education, Inc. suffered a data breach in 2021 due to security failures, exposing sensitive student data including medical conditions across millions of students. The company has agreed to pay $5.1 million in settlements to California, Connecticut, and New York and implement injunctive relief to strengthen data security practices.
$5.1M
Connecticut Attorney General William Tong, along with California and New York Attorneys General, settled with Illuminate Education, Inc. for failing to protect student data in a breach that exposed personal information of millions of students. The settlement, the first under Connecticut's Student Data Privacy Law, requires Illuminate to pay $5.1 million and implement enhanced cybersecurity measures.
$5.1M
Illuminate Education, Inc. experienced a data breach in 2022 that exposed personal information of millions of students due to inadequate security measures. A multistate investigation by New York, California, and Connecticut Attorneys General resulted in a $5.1 million settlement requiring Illuminate to enhance cybersecurity practices and pay penalties.
$18.0M
Consumer fraud enforcement action where the FTC settled with Air AI for misleading entrepreneurs with false earnings and refund guarantees. The company will be banned from marketing business opportunities and pay a suspended $18 million judgment with $50,000 for consumer relief. Violations included failure to provide required disclosures and false claims under the Telemarketing Sales Rule and Business Opportunity Rule.
$17.0M
Consumer fraud enforcement action where the FTC settled with Xponential Fitness for violating the Franchise Rule by misrepresenting key information to franchisees, including time to open and costs. The settlement includes a $17 million monetary judgment for redress and prohibits future misrepresentations.
Consumer fraud and advertising enforcement action where the FTC sent warning letters to 97 auto dealership groups for deceptive pricing practices, such as advertising prices that exclude mandatory fees, misleading consumers about total costs. The letters stress the need for truthful and transparent pricing in the automotive industry.