Data Breach at DISA Global Solutions Affects Over 3.3 Million People
Introduction to the Breach
DISA Global Solutions, a leading U.S.-based provider of comprehensive employee screening services, has recently disclosed a significant data breach affecting more than 3.3 million people. DISA offers a range of services, including drug and alcohol testing and background checks, to a client base of over 55,000 enterprises and approximately a third of Fortune 500 companies.
Notification and Discovery
The company confirmed the data breach in a formal filing submitted to Maine’s attorney general on Monday. According to the filing, DISA discovered that it had fallen victim to a "cyber incident" on April 22, 2024, which impacted a limited portion of its network. Further investigation revealed that the intrusion occurred on February 9, 2024, and the hacker remained undetected within the system for over two months.
Scope of the Breach
In notifications sent to the affected individuals, who include those who have undergone employee screening tests, DISA indicated that the attacker managed to obtain some information from its systems. However, the company expressed uncertainty regarding the specific data that was accessed or stolen, citing an inability to definitively conclude the extent of the breach due to technical limitations.
Details of Compromised Data
A separate filing with the Massachusetts attorney general provided more detailed insights into the nature of the compromised data. According to this filing, the stolen information includes Social Security numbers, financial account details such as credit card numbers, and government-issued identification documents. It was confirmed that over 360,000 Massachusetts residents were among those affected by the breach.
Technical Capabilities and Response
DISA’s website outlines the wide range of personal and sensitive information the company collects, including work history, educational background, criminal records, and credit history. The breach highlights concerns about the company’s ability to detect and respond to cyber threats effectively. Despite the gravity of the situation, the identities of those behind the cyberattack and the method of compromise remain unknown. Additionally, questions linger regarding the delay in notifying affected individuals about the breach.
Conclusion and Next Steps
At this point, the motive behind the attack and the reasons for the delay in notification are unclear. DISA has not responded to inquiries from TechCrunch regarding these matters. The incident underscores the importance of robust cybersecurity measures and transparent communication in the event of a data breach, particularly for companies that handle vast amounts of sensitive personal information.