Employee screening data breach exposes 3.3 million records
Companies that handle massive amounts of user data are often the least careful with it. Last year, the National Public Data breach exposed 2.7 billion records. The company's entire business model was built around collecting data from public sources to create detailed user profiles for people in the U.S. and beyond. Now, another breach has surfaced, this time affecting DISA Global Solutions, an employee screening provider.
The breach has exposed the data of more than 3.3 million individuals, raising serious concerns about how sensitive personal information is handled. Millions are now at risk of identity theft and fraud.
DISA Global Solutions, a company specializing in employee screening services, recently disclosed a major data breach affecting over 3.3 million individuals. The Texas-based firm serves more than 55,000 businesses, including a third of Fortune 500 companies, offering background checks, drug and alcohol testing and compliance solutions.
The breach began on Feb. 9, 2024, when an unauthorized party gained access to part of DISA's network. Shockingly, the intrusion went undetected for more than two months until the company discovered the "cyber incident" on April 22, 2024. Following the breach, DISA launched an internal investigation with help from third-party forensic experts to assess the damage.
It's still unclear how the attack happened. DISA hasn't confirmed whether phishing, malware or another method was used. However, the fact that hackers had access for months without detection points to serious gaps in the company's monitoring systems. Adding to the concern, nearly a year passed before the public was notified, which raises serious questions about DISA's cybersecurity measures and response time.
The hackers accessed a trove of sensitive personal information, though DISA has admitted it cannot definitively confirm the full scope of the stolen data. According to filings with the attorneys general of Maine and Massachusetts, the compromised information included Social Security numbers, financial account details (such as credit card numbers), driver's licenses and other government-issued identification documents.
Given DISA's role in employee screening, the breach likely exposed data collected from background checks and drug tests, potentially including employment histories, criminal records and even health-related information. The notification to affected individuals – more than 360,000 were Massachusetts residents and 15,198 from Maine – underscored the breadth of the incident, affecting a staggering 3,332,750 people nationwide.
We reached out to DISA but did not hear back before our deadline.
If you've undergone a background check or drug test through an employer or prospective employer, your data might be among the millions exposed in this breach. Here are five practical steps to protect yourself.
1) Monitor your financial accounts: Regularly check your bank statements, credit card transactions and credit reports for suspicious activity. The breach exposed financial details, making unauthorized transactions a real risk. Consider setting up alerts for any unusual activity.
2) Enroll in credit monitoring: DISA is offering affected individuals 12 months of free credit monitoring and identity restoration services through Experian. Take advantage of this by enrolling before the June 30 deadline to keep tabs on your credit and detect potential misuse early.
3) Place a fraud alert or credit freeze: Contact one of the major credit bureaus (Equifax, Experian or TransUnion) to place a fraud alert on your file, which makes it harder for thieves to open accounts in your name. For stronger protection, consider a credit freeze, which restricts access to your credit report entirely.
4) Be wary of phishing attempts and install strong antivirus: With personal details in the hands of cybercriminals, expect an uptick in targeted scams. Avoid clicking links or sharing information in unsolicited emails, texts or calls claiming to be from DISA or related entities.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
5) Invest in data removal services: In light of these recurring data breaches, taking proactive steps to protect your personal information is crucial. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
The DISA Global Solutions data breach isn't just an apparent mistake. It seems to be a complete failure. A company that handles sensitive data for millions, including Fortune 500 clients, let hackers lurk in its systems for more than two months. Worse, it took 10 months to tell the public. Now, 3.3 million people are left dealing with the fallout while DISA offers a token year of credit monitoring. The real cost is years of potential identity theft and financial damage.
How do you feel about companies that collect and sell data? Do you think they should be held accountable for breaches? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
CBS News
38 minutes ago
- CBS News
Arlington prepares for global spotlight as 2026 FIFA World Cup approaches
With just one year to go until the start of the 2026 FIFA World Cup, preparations are well underway in Arlington. AT&T Stadium is set to host nine matches — the most of any venue in North America — and officials expect millions of fans to flock to North Texas during the month-long tournament. "A lot of times people say that it's nine Super Bowls," said Matt Wilson, executive director of the Arlington Sports Commission. "It's even more than that." City leverages experience with major events Arlington, already a seasoned host of major sporting events, is drawing on years of experience to prepare for the international spotlight. "We'll take all the lessons that we've learned over the past 10, 15, 20 years here to make sure that people have the best experience they possibly can," Wilson said. Thousands of people are expected to gather in Arlington's entertainment district, whether or not they have tickets. City leaders say the infrastructure is ready to handle the crowds, pointing to the success of events like the Texas Rangers' World Series parade in 2023. "First and foremost, we want to have a safe and fun environment, and preparations are well underway to make sure that's the focal point," Wilson said. Economic impact expected to be massive The World Cup is projected to generate an estimated $2 billion for the North Texas region and boost tourism across the state. "Folks will be here for the games, but then they will also have time to explore communities and to branch out to see more of Texas and all that we have to offer as a destination," said Erika Boyd, president and CEO of the Texas Travel Alliance. Local businesses gear up for global visitors Local hotels, restaurants, and businesses are already preparing for the influx of international visitors. "And the experiences that we create for visitors in Texas have a lasting economic impact for the state and actually help to offset the household taxes that all Texans pay," Boyd said. A global stage and a lasting legacy As the countdown continues, local leaders are embracing the opportunity to showcase the region on a global stage. The hope is that Arlington's moment in the spotlight will not only impress the world, but leave a legacy that lasts for years to come.
Los Angeles Times
43 minutes ago
- Los Angeles Times
ICE didn't raid Disneyland but federal agents arrested a man at a nearby park
Amid President Donald Trump's immigration crackdown, rumors spread wildly through social media and even Ring app alerts about Immigration and Customs Enforcement agents arriving at Disneyland on Wednesday to question workers and guests. While Disney and Anaheim officials disputed the viral claim as unfounded, the city acknowledged cellphone videos of an SUV pursuing a man two miles down the street at Pearson Park the following morning was credible evidence of federal immigration enforcement. The contrast between Orange County's largest employer and a public park surrounded by a Latino neighborhood illustrates how ICE raids have sown fear, confusion and vigilance in the community. Anaheim Councilmember Natalie Rubalcava saw the Pearson Park video on Instagram, got dressed and headed out to vet the claim. She spoke to a young Latino who recounted how federal agents dressed in black with their faces covered approached him and another man at the park. 'They asked him for identification,' Rubalcava said. 'When he told them he was born in the U.S., they told him 'prove it.'' He gave agents his Social Security number when the other man fled on foot. Agents driving an SUV gave chase, apprehended the man and left by the time Rubalcava arrived. 'We're being told that the police are only [going after] people with criminal records and warrants,' she said. 'That doesn't appear to be the case. The person I spoke to, he was asked if he had documentation. That makes me feel like racial profiling is happening. That is really disheartening and worrisome.' ICE did not return a TimesOC request for comment on any Disneyland or Pearson Park enforcement actions by press time. Since protests erupted in Los Angeles on June 6 in response to ICE raids, the Orange County Rapid Response Network's hotline has been flooded with similar tips about immigration enforcement closer to home. Sandra De Anda, the group's network coordinator, emphasizes a 'salute' method for its team of volunteer ICE watchers to assess the 'size, action, location, uniform, time and equipment' details of a raid in confirming it. None of the social media posts about Disneyland reviewed by TimesOC on Wednesday afternoon had photo or video evidence of ICE agents pulling over workers driving out of employee parking lots, questioning guests exiting the parks or boarding buses along Harbor Boulevard in the Disneyland Resort, as claimed. But that didn't stop them from going viral — or being untrue. By Wednesday evening, the Rapid Response Network posted on social media that its team was in direct contact with Disney officials and confirmed no ICE presence at the resort though multiple reports surfaced throughout the day. The group's own ICE watchers had no independent photo or video of any alleged immigration enforcement action. As of Thursday, it had not received any recent tips about ICE sightings at hotels and restaurants surrounding the Disneyland Resort, either. 'The verification process takes time,' De Anda said. 'We have to confirm with officials like city managers and police chiefs. There has to be several levels of verification before the information goes out into the community, otherwise it will just scare the community.' By then, social media spread the word about Disneyland far and wide. The Rapid Response Network's own post did not go as viral. Mike Lyster, an Anaheim spokesperson, has responded to several reports across the city on a daily basis since June 6. Alongside another city official, he drove to Disney's Harbor Boulevard entrance on Wednesday. Lyster did not witness any ICE agents on site nor when he canvassed the area by car. Disney officials and Anaheim police also had nothing to report. 'We can say with a high degree of confidence that there was no activity there,' Lyster said. Following a Thursday morning interview with TimesOC, Lyster received another report about potential ICE activity two miles north of Disneyland at Pearson Park and drove there. An hour later, Lyster told TimesOC that the incident was believed to be a federal immigration enforcement action, but the city didn't know who exactly carried it out. Despite unverified claims on social media about ICE activity at major commercial hubs in Orange County like Disneyland, the MainPlace Mall, South Coast Plaza, Irvine Spectrum and the Market Place, the Rapid Response Network has more readily confirmed raids at small businesses like car washes. De Anda said ICE is to blame for creating a climate of chaos and misinformation as she has recently come face to face with agents in her activism. 'Only one time did they produce a warrant from the Department of Homeland Security,' she said. 'When my team was doing this under the Biden Administration, they would produce a warrant, even if it was an administrative warrant. Now these agents are not identifying themselves. The tactics have changed dramatically.' After finishing her interview, De Anda headed to Irvine to investigate new reports of ICE activity.
Yahoo
an hour ago
- Yahoo
I'm 55 with a state pension in my future. Do I have to save as much as other people?
I regularly see articles stating how much someone should have saved, based on their age at retirement, to last them the rest of their life. I was fortunate enough to belong to a defined-benefit state retirement plan that guarantees a monthly payment for life of $3,600 and a 50% survivorship option for my wife. With that in mind, would the calculation made by my wife and I be different from someone who does not have a pension plan? We currently have a net worth of about $500,000 to $600,000, with about $180,000 of that in an investment fund. Gundlach says gold is no longer for lunatics as the bond king says wait to buy the 30-year My mother-in-law thought the world's richest man needed Apple gift cards. How on Earth could she fall for this scam? U.S. debt-limit deadlock is making this favorite asset more scarce My friend, 83, wants to add me to his bank account to pay his bills. What could go wrong? Here's why stocks, bitcoin and gold are racing to record highs at the same time. It hasn't happened in over 10 years. I am 55 years old and would like to consider retirement at around 60 to 62 years old. Ready to Retire Today Related: I'm 65 and she's 55. Should we get married for Social Security benefits? You bring up a good point – the rules for retirement savings aren't the same for everyone. It really boils down to knowing — or, at least, estimating — your retirement income. This is a hard ask for anyone. Even those who save $1 million or more can't say for sure what their retirement income will be. Not only do people have to save as much as they can, but then they have to figure out how to spend it down in a way that allows them to live comfortably, but reserve enough for old age. Mix in estimates for inflation, investment returns and the unexpected, and you can see how complicated the process can be. Spending down money in retirement, known in the investment world as decumulation, stumps even the best savers. Think about it, you dedicated decades of earnings to build up a nest egg to pay the bills and live out your retirement dreams and then you have to see that account balance start to dwindle while you are no longer bringing in other income? That can be terrifying. Pensions certainly bring a sense of relief to those stressful calculations, because that's money you're being given without having to tap into the reserves you've set aside. Of course, some recipients might worry that the pension fund will run out of money while they're living, but if you are a part of a healthy, stable defined-benefit plan, you're in much better shape than many other retirees. So to answer your question: Yes, the calculation for how much you should save could very well look different to the calculation of someone without a pension. Just not always. Assess how much you expect to spend in retirement. First figure out what you anticipate your expenses to be per month in retirement: add up the cost for housing, taxes, utilities, groceries, medications, cars and their maintenance, and anything else you want or need to include (such as hobbies, dining out, gifts, and so on). Then figure out what money you're bringing in. The numbers will fluctuate. Your financial plans will also evolve at certain milestones in your life — when you claim Social Security and/or whether you experience a costly medical event. The difference between someone with a pension and someone without is how much of their personal savings will make up the income that pays the bills. For example, if a retiree's monthly expenses were $5,000 and she didn't have a pension, she'd have to come up with the money herself, such as by relying on her savings and Social Security to meet those demands. On the other hand, if she had a pension that brought in $3,600 a month like you do, then she only needs to account for around $1,400 a month. The difference in what she pulls from her savings leaves her with much more money in her account — and much less pressure to have amassed a nest egg that would pay her bills from the day she retires to the day she dies. Another caveat to relying too heavily on a pension: if it isn't inflation-adjusted, the rise in the cost of living would eat away at the value of that income over time. Does this mean you should lean back, relax and not worry about saving all that much? I would say no to that. Pensions may feel like a magic bean in your pocket, but the onus for retirement security is and will remain on you and your wife. Take for instance retiring between ages 60 and 62. If your employer doesn't offer some sort of retiree health insurance, you'll have to find it another way until you are eligible for Medicare at 65. Even though you'll find relief when you see that money come in every month, continue to think long-term with your current finances, and make sure you and your wife come up with a plan that gives you as much financial freedom as you wish. 'It might be another Apple or Microsoft': My wife invested $100K in one stock and it exploded 1,500%. Do we sell? My life partner is 18 years my senior. He wants to leave his $4.5 million fortune to me — not his two kids. Do we tell them? 'I prepaid our mom's rent for a year': My sister is a millionaire and never helps our mother. How do I cut her out of her will? Value investing is finally excelling again in 2025 — but there is one catch for Americans 'The situation is extreme': I'm 65 and leaving my estate to only one grandchild. Can the others contest my will?
