DISA Data Breach: 3 Million+ Individuals Affected
DISA Global Solutions Reports Data Breach Impacting Millions
DISA Global Solutions, a company based in the United States specializing in employee screening, has announced a significant data security incident. The breach is believed to have compromised the data of over 3.3 million individuals.
Details of the Incident
DISA provides a range of services, including drug and alcohol testing and comprehensive background checks. They serve more than 55,000 businesses, representing approximately one-third of the Fortune 500.
The company formally acknowledged the data breach in a report submitted to the Attorney General of Maine on Monday. Initial findings indicate a “cyber incident” impacted a restricted segment of their network on April 22, 2024.
An internal review revealed that unauthorized access to the company’s network occurred as early as February 9, 2024. This intrusion went undetected for a period exceeding two months.
Information Potentially Compromised
Individuals who have undergone employee screening processes through DISA have been notified about the breach. The company stated that the attacker successfully obtained “some information” from their systems.
A separate filing with the Massachusetts Attorney General detailed the types of data potentially stolen. This included Social Security numbers, financial account details such as credit card numbers, and government-issued identification documents.
The Massachusetts filing confirmed that over 360,000 residents of Massachusetts were affected by this security event.
Uncertainty Regarding Data Access
Despite the confirmed breach, DISA has indicated it cannot definitively determine the specific data that was accessed. The company suggests a lack of sufficient technical resources, like detailed logs, hinders their ability to pinpoint exactly what information was compromised.
Data Collected by DISA
DISA’s website outlines the extensive range of personal and sensitive data they collect. This encompasses details regarding an applicant’s employment history, educational qualifications, criminal records, and credit reports.
Ongoing Investigation
The identity of the perpetrator behind the cyberattack remains unknown. The method used to compromise the organization’s security is also currently under investigation.
The delay in notifying affected individuals about the breach is also a point of concern. The reasons for this delayed notification have not yet been clarified.
DISA Global Solutions has not yet responded to inquiries from TechCrunch regarding this incident.
Related Posts
Coupang CEO Resigns After Data Breach | South Korea
Petco Vetco Data Breach: Customer Information Exposed
FTC Upholds Ban on Stalkerware Founder Scott Zuckerman
Google Details Chrome Security for Agentic Features
Petco Data Breach: SSNs, Driver's Licenses Exposed
