Employee screening data breach exposes 3.3 million records

The breach has exposed the data of more than 3.3 million individuals, raising serious concerns about how sensitive personal information is handled. Millions are now at risk of identity theft and fraud.

The breach began on Feb. 9, 2024, when an unauthorized party gained access to part of DISA's network. Shockingly, the intrusion went undetected for more than two months until the company discovered the "cyber incident" on April 22, 2024. Following the breach, DISA launched an internal investigation with help from third-party forensic experts to assess the damage.

It's still unclear how the attack happened. DISA hasn't confirmed whether phishing, malware or another method was used. However, the fact that hackers had access for months without detection points to serious gaps in the company's monitoring systems. Adding to the concern, nearly a year passed before the public was notified, which raises serious questions about DISA's cybersecurity measures and response time.

Given DISA's role in employee screening, the breach likely exposed data collected from background checks and drug tests, potentially including employment histories, criminal records and even health-related information. The notification to affected individuals - more than 360,000 were Massachusetts residents and 15,198 from Maine - underscored the breadth of the incident, affecting a staggering 3,332,750 people nationwide.

We reached out to DISA but did not hear back before our deadline.

If you've undergone a background check or drug test through an employer or prospective employer, your data might be among the millions exposed in this breach. Here are five practical steps to protect yourself.

1) Monitor your financial accounts: Regularly check your bank statements, credit card transactions and credit reports for suspicious activity. The breach exposed financial details, making unauthorized transactions a real risk. Consider setting up alerts for any unusual activity.

2) Enroll in credit monitoring: DISA is offering affected individuals 12 months of free credit monitoring and identity restoration services through Experian. Take advantage of this by enrolling before the June 30 deadline to keep tabs on your credit and detect potential misuse early.

3) Place a fraud alert or credit freeze: Contact one of the major credit bureaus (Equifax, Experian or TransUnion) to place a fraud alert on your file, which makes it harder for thieves to open accounts in your name. For stronger protection, consider a credit freeze, which restricts access to your credit report entirely.

4) Be wary of phishing attempts and install strong antivirus: With personal details in the hands of cybercriminals, expect an uptick in targeted scams. Avoid clicking links or sharing information in unsolicited emails, texts or calls claiming to be from DISA or related entities. 

The DISA Global Solutions data breach isn't just an apparent mistake. It seems to be a complete failure. A company that handles sensitive data for millions, including Fortune 500 clients, let hackers lurk in its systems for more than two months. Worse, it took 10 months to tell the public. Now, 3.3 million people are left dealing with the fallout while DISA offers a token year of credit monitoring. The real cost is years of potential identity theft and financial damage.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.