Companies that process large amounts of user data are often the least careful. Last year, the national public data breached 2.7 billion records exposed. The company’s entire business model revolves around collecting data from public sources, creating detailed user profiles for the United States and others. Now another violation has surfaced, this time affecting employee screening provider DISA Global Solutions.
The violations revealed data from more than 3.3 million individuals, raising serious concerns about how to handle sensitive personal information. Now, there are millions of risks of identity theft and fraud.
Stay protected and informed! Get security alerts and expert technical tips – Register for Kurt’s “Network News” report now.
Hacker illustration (Kurt “Cyberguy” Knutsson)
What you need to know
DISA Global Solutions is a company specializing in employee screening services, and recently public The main data breach affected more than 3.3 million people. The Texas-based company serves more than 55,000 businesses, including one-third of Fortune 500 companies, providing background checks, drug and alcohol testing, and compliance solutions.
The violation began on February 9, 2024, when an unauthorized party was granted a part of the DISA network. Shockingly, the invasion lasted for more than two months until the company discovered a “cyber incident” on April 22, 2024. After the violation, DISA conducted an internal investigation with the help of a third methodologist to assess the losses.
It is not clear how the attack occurred. DISA has not confirmed whether phishing, malware or other methods have been used. However, the fact that hackers can access for months is no detection point in the company’s monitoring system. In addition, nearly a year has passed notifications to the public, which raises serious questions about DISA’s cybersecurity measures and response times.
A woman working on a laptop (Kurt “Cyberguy” Knutsson)
Spotify playlists are being hijacked to promote pirated software and scams
What data was stolen?
The hacker accessed a series of sensitive personal information, although DISA has acknowledged that it cannot explicitly confirm the full scope of the stolen data. According to Maine Attorneys and Massachusettsdamaged information includes social insurance numbers, financial account details (such as credit card numbers), driver’s licenses and other government-issued ID documents.
Given the role of DISA in employee screening, the violation may be data collected from background checks and drug testing, which may include employment history, criminal records and even health-related information. Notices of Affected People – More than 360,000 people are Massachusetts residents, and 15,198 notices in Maine highlight the breadth of the incident, affecting a staggering 3,332,750 people nationwide.
We contacted DISA but there was no response by the deadline.
A woman working on a desktop and laptop (Kurt “Cyberguy” Knutsson)
9 Ways of Scammers Using Your Phone Numbers to Try to Scam You
5 ways you can stay safe
If you have a background check or drug test through your employer or potential employer, your data could be millions of dollars for that violation. These are five practical steps to protect yourself.
1) Monitor your financial account: Regularly check your bank statements, credit card transactions and credit report suspicious activity. Violations of financial details make unauthorized transactions a real risk. Consider setting up alerts for any abnormal activity.
2) Register credit monitoring: DISA provides 12 months of free credit monitoring and identity recovery services to affected individuals through Experian. Take advantage of this by registering before the June 30 deadline to maintain credibility labels and detect potential abuse early.
3) Place fraud alerts or credit freezes: Contact one of the major credit bureaus (Equifax, Experian or Transunion) to issue fraud alerts on your files, which makes it harder for thieves to open an account in your name. For stronger protection, consider credit freezing, which completely limits access to your credit report.
4) Be wary of phishing and install powerful antivirus software: Through personal details mastered by cybercriminals, targeted scams are expected to increase. Avoid clicking links or sharing information in unsolicited emails, texts, or phone calls claimed from DISA or related entities.
The best way to protect yourself from installing malware (malicious links that may access private information) is to install powerful antivirus software on all devices. This protection can also remind you about phishing email and ransomware scams, ensuring your personal information and digital assets are secure. The choice of the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
5) Investment data deletion service: Given these recurring data breaches, it is crucial to take positive steps to protect your personal information. While there is no service that promises to remove all data from the Internet, it is great to have a deletion service if you want to constantly monitor and automate the process of deleting information from hundreds of sites. View my preferred data deletion service here.
Kurt’s key points
DISA’s global solution data breach is more than just an obvious mistake. This seems to be a total failure. A company that processes sensitive data from millions of people, including Fortune 500 customers, has left hackers lurking in its systems for more than two months. To make matters worse, it took 10 months to tell the public. Now, 3.3 million people are coping with the consequences, and DISA provides a signature year for credit surveillance. The real cost is potential identity theft and financial losses over the years.
What do you think of the companies that collect and sell data? Do you think they should be responsible for violations? Let’s write to us cyberguy.com/contact.
For more technical tips and security alerts for me, please subscribe to my free online reporting newsletter cyberguy.com/newsletter.
Ask Kurt a question or let us know what stories you want us to cover.
Follow Kurt on his social channels:
Answers to the most popular web guess questions:
New things from Kurt:
Copyright 2025 CyberGuy.com. all rights reserved.
