DISA Data Breach Exposes Personal Information of 3.3 Million Individuals

The U.S. employee screening firm confirmed hackers accessed sensitive data, including Social Security numbers and financial details, in a breach lasting over two months.

DISA Global Solutions, a major U.S. employee screening company, suffered a data breach affecting 3.3 million individuals, including those screened for Fortune 500 companies.
Hackers infiltrated DISA's network on February 9, 2024, and remained undetected until April 22, 2024, gaining access to sensitive personal information.
Compromised data includes Social Security numbers, financial account details, government-issued IDs, and potentially other personal identifiers, though medical records were reportedly not accessed.
The breach notification process began nearly a year after the incident, raising concerns about delayed disclosure and potential misuse of stolen data.
DISA is offering 12 months of free credit monitoring and identity theft protection to affected individuals while investigations continue into the attack's origins and scope.