Sensitive data of 3 million exposed in massive breach at US screening company
World | DISA is one of the largest employee screening companies in the US, with a clientele including one-third of Fortune 500 listed firms and more than 55,000 customers in total.
A massive data breach at a US employee screening company has exposed the personal information of over 3.3 million Americans.
DISA Global Solutions, a company that performs background checks and drug tests for some of the largest US firms, confirmed that it was a victim of a “cyber incident” in which hackers gained access to sensitive data, reported Newsweek.
Also read | Trump shuts US database tracking police misconduct by officers like Chauvin who killed George Floyd
DISA is one of the largest employee screening companies in the US, with a clientele including one-third of Fortune 500 listed firms and more than 55,000 customers in total. The breach highlights the need for cybersecurity in sensitive industries.
Who was affected, and what was leaked?
The filing stated that 3,332,750 people were affected by the breach, and identity theft protection services were provided.
&im=FitAndFill=(700,400))
T20 World Cup 2026 Awards List: Player of the Match in Final, Player of the Series, best batter, bowler and more - Check Full List Inside
&im=FitAndFill=(700,400))
Iran War: How India built its own version of Israel's missile from space 'Blue Sparrow'
&im=FitAndFill=(700,400))
Iran's new Ayatollah, Mojtaba Khamenei, owns properties worth Rs 2,500 crore in London alone: Report
&im=FitAndFill=(700,400))
Why traditional air defenses are useless against Israel's Blue Sparrow missile
&im=FitAndFill=(700,400))
Which GPS technology does the Iranian Shahed-136 kamikaze drone use?
&im=FitAndFill=(700,400))
'I am not...': Trump's first reaction after Iran appoints Mojtaba Khamenei as new Supreme Leader
)
In a first, 345 Indian Army officer-cadets equipped with cyber security certification
&im=FitAndFill=(700,400))
JeffTube hosts videos from Epstein Files and looks just like YouTube - Link and details
&im=FitAndFill=(700,400))
Why a direct hit from an Iranian missile cannot sink the USS Abraham Lincoln
)
UAE tugboat sinks in Strait of Hormuz; 3 Indonesian crew members missing
&im=FitAndFill=(700,400))
5 cricket teams with most ICC titles, check where India stands
&im=FitAndFill=(700,400))
US air defence costs $12 million, while Ukraine can intercept it for $5,000: How does the UA-made interceptor work?
Also read | Who are Lazarus hackers? All about the mystery gang behind the largest crypto heist ever
According to their website, the company offers various types of screenings and compliance solutions, including drug and alcohol tests and medical tests. For conducting the tests, DISA maintains details of private information, including medical history, work history, education, credit records, and criminal cases.
The leaked information included highly sensitive personal data, including Social Security numbers, credit card and financial account details, and government-issued identification documents.
The data breach
DISA said that the cyber attack occurred on February 9, 2024, and went unnoticed for two months. It added that they “could not definitively conclude the specific data procured.”
Watch | Fortune 500 companies affected by massive data leak; 3 million Americans' data exposed
The breach was discovered on April 22, 2024, after an internal probe revealed that an unauthorised party had gained access to a “limited portion” of the company’s network.
The nature and reason behind the cybercrime have not yet been identified. The company has also not explained why the breach was not filed with the authorities for a year.
(With inputs from agencies)
