Data Breach Alert: DISA Reveals Hackers Compromised Personal Information of Over 3 Million Employees

Data Breach Alert: DISA Reveals Hackers Compromised Personal Information of Over 3 Million Employees

DISA Global Solutions, a leading provider of employee screening services in the U.S., has recently reported a significant data breach affecting over 3.3 million individuals. This incident raises serious concerns regarding data security and privacy among organizations that rely on DISA’s services, including many Fortune 500 companies.

Details of the Data Breach

On April 22, 2024, DISA confirmed it experienced a “cyber incident” that impacted a “limited portion” of its network. An internal investigation revealed that a hacker accessed the company’s systems on February 9, 2024, remaining undetected for more than two months.

Nature of the Compromised Data

In a notification letter sent to affected individuals, DISA disclosed that the attacker managed to extract certain information from their systems. The specific data compromised includes:

  • Social Security numbers
  • Financial account information, including credit card numbers
  • Government-issued identification documents

Notably, a separate filing with the Massachusetts attorney general confirmed that over 360,000 residents from the state were impacted by this breach.

Challenges in Identifying the Breach’s Scope

Despite the extensive investigation, DISA stated that it “could not definitively conclude the specific data procured,” indicating limitations in their technical capabilities to track the exact nature of the accessed data.

Types of Information Collected by DISA

According to DISA’s official website, the company collects a variety of sensitive personal information, including:

  • Work history
  • Educational background
  • Criminal records
  • Credit history

Ongoing Investigations and Future Precautions

As of now, the identity of the cyberattackers remains unknown, and there is no clarity on how DISA was breached. The delay in notifying affected individuals has also raised eyebrows regarding the company’s communication protocols.

READ ALSO  Clop Ransomware Gang Exposes Dozens of Victims in Cleo Mass-Hack: Firms Challenge Breach Claims

DISA has yet to respond to inquiries from TechCrunch regarding this incident. Organizations are encouraged to monitor their accounts closely and remain vigilant against potential identity theft following such breaches.

For more information on protecting your personal data, consider visiting FTC’s privacy and identity theft page.

Similar Posts

Major US Nonprofit Healthcare Provider Reports Data Breach: Hackers Compromise Medical and Personal Information of Over 1 Million Patients

Major US Nonprofit Healthcare Provider Reports Data Breach: Hackers Compromise Medical and Personal Information of Over 1 Million Patients

Bysupport

The Community Health Center (CHC) in Connecticut reported a significant data breach affecting over a million patients, raising alarms about cybersecurity in healthcare. Following the detection of suspicious network activity on January 2, investigations revealed that a skilled hacker infiltrated their systems on October 14, 2024, compromising sensitive information such as patient addresses, phone numbers, medical diagnoses, treatment details, and Social Security numbers. While CHC confirmed no data deletion or encryption occurred and daily operations remain intact, this incident highlights the urgent need for enhanced cybersecurity measures in the healthcare sector to protect patient information.

US Lawmakers Push for Public Hearing on Apple 'Backdoor' Controversy at UK Spy Court

US Lawmakers Push for Public Hearing on Apple ‘Backdoor’ Controversy at UK Spy Court

Bysupport

Bipartisan U.S. lawmakers, led by Senator Ron Wyden, are pushing for transparency regarding Apple’s challenge to a secret legal demand from the U.K. government. In a letter to the U.K.’s Investigatory Powers Tribunal, they called for an open hearing, emphasizing concerns over user privacy and constitutional rights. The alleged U.K. order would require Apple to create a “backdoor” for government access to customer data, which Apple has resisted. The tribunal is set for a private hearing soon, while civil rights groups are also advocating for transparency and questioning the legality of the U.K.’s demands.

Final Countdown: Save Up to $1,130 on TechCrunch Disrupt 2025 – Only 2 Days Left!

Final Countdown: Save Up to $1,130 on TechCrunch Disrupt 2025 – Only 2 Days Left!

Bysupport

Time is running out to secure your spot at TechCrunch Disrupt 2025! You have just 48 hours left to save up to $1,130 on individual tickets or 30% on group tickets before prices increase on February 28 at 11:59 p.m. PT. The event, happening from October 27-29 at Moscone West in San Francisco, will feature over 10,000 tech leaders, 250+ sessions, and the Startup Battlefield 200 pitch competition. Celebrate 20 years of innovation with industry pioneers, networking opportunities, and the latest tech trends. Don’t miss out—register now to lock in the best prices!

Waymo Employees Now Enjoy Fully Autonomous Rides in Atlanta: Experience the Future of Transportation!

Waymo Employees Now Enjoy Fully Autonomous Rides in Atlanta: Experience the Future of Transportation!

Bysupport

Waymo is launching fully driverless robotaxi rides for employees in Atlanta, marking a key step toward public service by 2025. This follows a $5.6 billion Series C funding round, raising its valuation to $45 billion with backing from major investors like Alphabet and Fidelity. The company plans to test its services in 10 new cities, including San Diego and Las Vegas, to refine its technology. Once launched, the Atlanta service will be available exclusively via the Uber app, with a similar launch planned for Austin. Currently, Waymo operates its ride-hailing service in cities like San Francisco and Phoenix, positioning itself as a leader in urban mobility.

North Korean Hackers Infiltrate Android App Store with Stealthy Spyware Attack

North Korean Hackers Infiltrate Android App Store with Stealthy Spyware Attack

Bysupport

A cybersecurity firm, Lookout, has revealed that North Korean hackers uploaded Android spyware, known as KoSpy, to the Google Play Store, underscoring state-sponsored cyber espionage threats. At least one version of KoSpy had over 10 downloads, allowing it to collect SMS messages, call logs, location data, and more. Google has since removed the malicious apps and deactivated associated Firebase projects. The spyware appears targeted, likely at specific individuals in South Korea, and is linked to known North Korean hacking groups. This incident highlights the importance of mobile security vigilance for users.

Google Acquires Wiz for $32B: Major Move to Strengthen Cloud Security

Google Acquires Wiz for $32B: Major Move to Strengthen Cloud Security

Bysupport

Google plans to acquire cloud security startup Wiz for approximately $32 billion to $33 billion, marking its largest acquisition to date. The deal, which is still pending regulatory approval, aims to enhance Google’s cloud security capabilities while allowing Wiz to maintain its independence across multiple cloud platforms. Wiz currently generates around $700 million in annual recurring revenue and has experienced significant growth, expected to reach $1 billion this year. Led by Google Cloud CEO Thomas Kurian, this acquisition positions Google to compete more effectively against AWS and Microsoft Azure, while Wiz’s leadership remains optimistic about future opportunities.