DISA World Options, a U.S.-based supplier of worker screening providers, has mentioned it suffered a knowledge breach that impacts greater than 3.3 million individuals.
DISA, which offers providers like drug and alcohol testing and background checks to more than 55,000 enterprises and a 3rd of Fortune 500 firms, confirmed the information breach in a filing with Maine’s lawyer basic on Monday.
DISA mentioned it found it had been the sufferer of a “cyber incident” that impacted a “restricted portion” of its community on April 22, 2024. An inner investigation decided {that a} hacker had infiltrated the corporate’s community on February 9, 2024, the place they went unnoticed for over two months.
In a letter despatched to these affected by the information breach, which incorporates people who underwent worker screening exams, DISA mentioned the attacker “procured some info” from its programs.
In a separate filing with the Massachusetts lawyer basic, DISA confirmed the stolen info included people’ Social Safety numbers, monetary account info together with bank card numbers, and government-issued identification paperwork. This submitting confirmed that greater than 360,000 Massachusetts residents have been affected by the breach.
Nonetheless, in its knowledge breach notification letter, DISA mentioned it “couldn’t definitively conclude the particular knowledge procured,” suggesting the corporate doesn’t have the technical means, equivalent to logs, to detect precisely what inner knowledge was accessed or exfiltrated.
In line with its website, DISA collects a variety of non-public and delicate info, together with particulars about an applicant’s work historical past, instructional background, prison data, and credit score historical past.
It’s not but recognized who was behind the cyberattack or how the group was compromised. It’s additionally unclear why it has taken DISA so lengthy to inform affected people in regards to the breach.
DISA didn’t instantly reply to TechCrunch’s questions.
About The Author
