Texas-based employee screening giant DISA Global Solutions has revealed that a data breach suffered by the company in 2024 impacts more than 3.3 million people.
DISA provides background screening, drug and alcohol testing, and compliance solutions. The company boasts serving more than 55,000 customers, and says it performs millions of drug tests and background screens every year.
The firm told the public and authorities this week that 3.33 million individuals whose current or former employers used DISA screening services had their personal information stolen last year as a result of a cyber incident.
According to DISA, an intrusion into a limited portion of its network was discovered on April 22, 2024. An investigation revealed that hackers had access to its systems up until that date starting with February 9, 2024.
The company conducted what it described as a “detailed and time-intensive” review of the files stolen by the hackers in an effort to identify individuals whose personal information was compromised as a result of the incident.
A data breach notice posted on the DISA website reveals that the stolen information includes names, Social Security numbers, driver’s license and other government ID numbers, financial account information, and other types of data.
Impacted individuals are being notified and offered free credit monitoring and identity restoration services for one year. DISA says it’s unaware of actual misuse of the information compromised in the incident.
It’s unclear if DISA was targeted in a ransomware attack. No known ransomware group appears to have taken credit for the breach.
Related: Cisco Says Ransomware Group’s Leak Related to Old Hack
Related: VC Firm Insight Partners Hacked
Related: Finastra Starts Notifying People Impacted by Recent Data Breach
Related: OpenAI Finds No Evidence of Breach After Hacker Offers to Sell 20 Million Credentials
