
Employee screening data breach exposes 3.3 million records
Companies that handle massive amounts of user data are often the least careful with it. Last year, the National Public Data breach exposed 2.7 billion records. The company's entire business model was built around collecting data from public sources to create detailed user profiles for people in the U.S. and beyond. Now, another breach has surfaced, this time affecting DISA Global Solutions, an employee screening provider.
The breach has exposed the data of more than 3.3 million individuals, raising serious concerns about how sensitive personal information is handled. Millions are now at risk of identity theft and fraud.
DISA Global Solutions, a company specializing in employee screening services, recently disclosed a major data breach affecting over 3.3 million individuals. The Texas-based firm serves more than 55,000 businesses, including a third of Fortune 500 companies, offering background checks, drug and alcohol testing and compliance solutions.
The breach began on Feb. 9, 2024, when an unauthorized party gained access to part of DISA's network. Shockingly, the intrusion went undetected for more than two months until the company discovered the "cyber incident" on April 22, 2024. Following the breach, DISA launched an internal investigation with help from third-party forensic experts to assess the damage.
It's still unclear how the attack happened. DISA hasn't confirmed whether phishing, malware or another method was used. However, the fact that hackers had access for months without detection points to serious gaps in the company's monitoring systems. Adding to the concern, nearly a year passed before the public was notified, which raises serious questions about DISA's cybersecurity measures and response time.
The hackers accessed a trove of sensitive personal information, though DISA has admitted it cannot definitively confirm the full scope of the stolen data. According to filings with the attorneys general of Maine and Massachusetts, the compromised information included Social Security numbers, financial account details (such as credit card numbers), driver's licenses and other government-issued identification documents.
Given DISA's role in employee screening, the breach likely exposed data collected from background checks and drug tests, potentially including employment histories, criminal records and even health-related information. The notification to affected individuals – more than 360,000 were Massachusetts residents and 15,198 from Maine – underscored the breadth of the incident, affecting a staggering 3,332,750 people nationwide.
We reached out to DISA but did not hear back before our deadline.
If you've undergone a background check or drug test through an employer or prospective employer, your data might be among the millions exposed in this breach. Here are five practical steps to protect yourself.
1) Monitor your financial accounts: Regularly check your bank statements, credit card transactions and credit reports for suspicious activity. The breach exposed financial details, making unauthorized transactions a real risk. Consider setting up alerts for any unusual activity.
2) Enroll in credit monitoring: DISA is offering affected individuals 12 months of free credit monitoring and identity restoration services through Experian. Take advantage of this by enrolling before the June 30 deadline to keep tabs on your credit and detect potential misuse early.
3) Place a fraud alert or credit freeze: Contact one of the major credit bureaus (Equifax, Experian or TransUnion) to place a fraud alert on your file, which makes it harder for thieves to open accounts in your name. For stronger protection, consider a credit freeze, which restricts access to your credit report entirely.
4) Be wary of phishing attempts and install strong antivirus: With personal details in the hands of cybercriminals, expect an uptick in targeted scams. Avoid clicking links or sharing information in unsolicited emails, texts or calls claiming to be from DISA or related entities.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
5) Invest in data removal services: In light of these recurring data breaches, taking proactive steps to protect your personal information is crucial. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
The DISA Global Solutions data breach isn't just an apparent mistake. It seems to be a complete failure. A company that handles sensitive data for millions, including Fortune 500 clients, let hackers lurk in its systems for more than two months. Worse, it took 10 months to tell the public. Now, 3.3 million people are left dealing with the fallout while DISA offers a token year of credit monitoring. The real cost is years of potential identity theft and financial damage.
How do you feel about companies that collect and sell data? Do you think they should be held accountable for breaches? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles

Los Angeles Times
24 minutes ago
- Los Angeles Times
States sue to block the sale of genetic data collected by DNA testing company 23andMe
Dozens of states have filed a joint lawsuit against the bankrupt DNA-testing company 23andMe to block the company's sale of its customers' genetic data without explicit consent. The suit, filed this week in U.S. Bankruptcy Court in the Eastern District of Missouri, comes months after 23andMe began a court-supervised sale process of its assets. The South San Francisco-based venture was once valued at $6 billion and has collected DNA samples from more than 15 million customers. The company's bankruptcy has raised questions over privacy standards for genetic data, which experts say is uniquely sensitive, immutable and irreplaceable if stolen. Twenty-seven states and the District of Columbia filed the lawsuit, arguing that 23andMe customers have an inherent right to their own genetic information. 'This isn't just data — it's your DNA,' said Oregon Atty. Gen. Dan Rayfield in a statement. 'It's personal, permanent, and deeply private. People did not submit their personal data to 23andMe thinking their genetic blueprint would later be sold off to the highest bidder.' 23andMe announced in May that it would be sold to New York-based drug maker Regeneron Pharmaceuticals, which had agreed to comply with 23andMe's existing privacy policy. However, a competing offer from nonprofit TTAM Research Institute led the bankruptcy judge to reopen the auction last week. TTAM is run by 23andMe co-founder Anne Wojcicki, who has made several failed attempts to take the company private. In a statement, a 23andMe spokesperson said the lawsuit's claims 'are without merit' and that the sale of genetic data does not violate privacy regulations. 'Customers will continue to have the same rights and protections in the hands of the winning bidder,' the spokesperson said. 23andMe customers have the right to delete their genetic information from the company's database at any time, as outlined in the Genetic Information Privacy Act and the California Consumer Privacy Act. During a testimony in Washington earlier this week, 23andMe interim Chief Executive Joseph Selsavage said that 1.9 million customers have requested their data be deleted since the company's bankruptcy filing in March. Sara Geoghegan, senior counsel at the Electronic Privacy Information Center, said that 23andMe's privacy policy was subject to change and not adequate to protect customers' data. In an interview in March, she stressed the sensitivity of genetic data. 'I would be very concerned if I had given a swab to 23andMe,' she said. 'There is little we can do to control what happens to it.'
Yahoo
30 minutes ago
- Yahoo
Space Firm Voyager Technologies Jumps 82% After Upsized IPO
(Bloomberg) -- Voyager Technologies Inc. shares ended their debut trading day up 82% after the company raised $383 million in an upsized US initial public offering. Trump's Military Parade Has Washington Bracing for Tanks and Weaponry Shuttered NY College Has Alumni Fighting Over Its Future NY Long Island Rail Service Resumes After Grand Central Fire NYC Renters Brace for Price Hikes After Broker-Fee Ban NYC Mayoral Candidates All Agree on Building More Housing. But Where? The Denver-based defense contractor's stock closed at $56.48 each on Wednesday, versus the IPO price of $31 apiece. The company sold more than 12.3 million shares, after having marketed 11 million shares for $26 to $29. The trading gives Voyager Technologies a market value of $3.2 billion based on the outstanding shares listed in its filings. Janus Henderson Investors and Wellington Management have indicated an interest in buying a total of $60 million of shares in aggregate, the filings show. Founded in 2019 and recently rebranded from Voyager Space, Voyager Technologies serves both government and commercial clients across sectors including national security, advanced technology and space infrastructure, according to the filings. Space Station Replacement Voyager has a $217.5 million development grant with NASA to design Starlab, the commercial space station planned to replace the International Space Station, which is set to be decommissioned in 2030. Voyager plans to operate Starlab through a joint venture with equity partners including Airbus SE, Mitsubishi Corp., MDA Space Ltd. and Palantir Technologies Inc. The recent hostilities between President Donald Trump and Elon Musk jolted the share prices of companies in the sector on the prospect that SpaceX's dominant position had become vulnerable, though Musk later expressed regret over the rift. In an interview on Bloomberg TV Wednesday, Voyager Chief Executive Officer Dylan Taylor credited SpaceX as a crucial player in the industry, and said that there are other firms that are also doing great things. The space sector is unique in that companies are looking to collaborate and cooperate, he said. 'Really, everyone is rooting for everyone else,' Taylor said. 'I mean that sincerely, because it's important we get replacements up there prior to the International Space Station being decommissioned.' Another firm with links to both Voyager and the government is Palantir. A joint venture partner on the Starlab project, it's also a Voyager share holder, the filing shows. Voyager issued 228,365 shares to the data analytics firm in April last year as payment for for services including developing a prototype to schedule payloads to the ISS. 'We are both headquartered in Denver, they are across the street from us, we are friendly,' Taylor said. 'They are great partners and we coordinate with them closely and we have several initiatives where they play an important role.' Almost 84% of Voyager's revenue in 2024 stemmed from contracts with the US government and its affiliates, according to its filings. Voyager reported a net loss of $26.9 million on revenue of $34.5 million in the three months ended March 31, compared with a net loss of $14.8 million on revenue of $30.2 million in the same quarter last year. Trump's proposed 'Golden Dome' defense system, using space-based interceptors to shield the US from missile threats, could further boost Voyager's prospects. 'If the President gets what he wants for Golden Dome, that would potentially be a windfall,' Taylor said. Congressional Republicans are seeking $25 billion to start work on a project that Trump said could cost $175 billion overall. From the commercial space aspect of the business, even under a so-called skinny budget scenario, there would still be robust funding for commercial space stations, Taylor said. The offering was led by Morgan Stanley and JPMorgan Chase & Co. Its shares trade on the New York Stock Exchange under the symbol VOYG. --With assistance from Ed Ludlow and David Gura. (Updates with trading in first three paragraphs and CEO interview throughout.) New Grads Join Worst Entry-Level Job Market in Years The Spying Scandal Rocking the World of HR Software American Mid: Hampton Inn's Good-Enough Formula for World Domination The SEC Pinned Its Hack on a Few Hapless Day Traders. The Full Story Is Far More Troubling Cavs Owner Dan Gilbert Wants to Donate His Billions—and Walk Again ©2025 Bloomberg L.P. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data

Yahoo
30 minutes ago
- Yahoo
Oxford Industries: Fiscal Q1 Earnings Snapshot
ATLANTA (AP) — ATLANTA (AP) — Oxford Industries Inc. (OXM) on Wednesday reported fiscal first-quarter earnings of $26.2 million. The Atlanta-based company said it had net income of $1.70 per share. Earnings, adjusted for one-time gains and costs, came to $1.82 per share. The results matched Wall Street expectations. The average estimate of three analysts surveyed by Zacks Investment Research was also for earnings of $1.82 per share. The owner of the Tommy Bahama, Lilly Pulitzer and Southern Tide clothing lines posted revenue of $392.9 million in the period, surpassing Street forecasts. Three analysts surveyed by Zacks expected $385.2 million. For the current quarter ending in July, Oxford Industries expects its per-share earnings to range from $1.05 to $1.25. The company said it expects revenue in the range of $395 million to $415 million for the fiscal second quarter. Oxford Industries expects full-year earnings in the range of $2.80 to $3.20 per share, with revenue ranging from $1.48 billion to $1.52 billion. _____ This story was generated by Automated Insights ( using data from Zacks Investment Research. Access a Zacks stock report on OXM at