Breach at US Drug and Alcohol Testing Company Leaks Data of 3.3 Million People
February 26, 2025
A cyberattack against leading US background screening and drug and alcohol testing company DISA Global Solutions has led to a significant leak impacting 3.3 million people.
Company discloses breach from last year
DISA Global Solutions suffered a security incident last year. While threat actors compromised its systems on Feb. 9, 2024, the company only discovered the breach two months later, on April 22.
DISA kept the incident under wraps and only disclosed the incident last month. An update to the initial advisory stated that threat actors may have accessed sensitive data on the company’s systems and that it had no evidence of further misuse.
However, a recent update shows the breach leaked the data of 3,332,750 people to the perpetrators.
Various types of sensitive data exposed
“Our investigation determined that an unauthorized third party accessed our environment between February 9, 2024, and April 22, 2024, and procured some information,” reads the company’s security advisory. “Although our forensics investigation could not definitively conclude the specific data procured, DISA conducted a detailed and time-intensive review of the affected files to identify the personal information contained therein.”
In a public notice on DISA’s official website, the company mentions that threat actors may have accessed sensitive information, including:
- Names
- Social Security Numbers (SSNs)
- Driver’s license numbers
- Other government ID numbers
- Financial account information
- Miscellaneous data
The notice added that the type of leaked data varies with each individual.
Company response and mitigation
It is worth noting that DISA failed to name the type of cyberattack that compromised their systems. However, as BleepingComputer reported, the company may have paid a ransom in exchange for the stolen data not being made public.
To further mitigate damage, DISA offers impacted individuals 12 months of complimentary identity theft and credit monitoring services.
How to prepare for data breaches
Unfortunately, data breaches are unpredictable and strike indiscriminately, regardless of how well-prepared a company or its customers are.
Dedicated solutions like Bitdefender Digital Identity Protection can help you prepare for data breaches and other unfortunate events that may expose your data to threat actors.
It provides an overview of your online data, including traces from services you no longer use. It also continuously scans the public and Dark Web for your digital presence, notifies you instantly if your data has been exposed by a breach, and lets you instantly patch weak spots in your digital footprint with quick, one-click action items.
tags
Author
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsRight now Top posts
Streamjacking Scams On YouTube Leverage CS2 Pro Player Championships to Defraud Gamers
February 20, 2025
How to Identify and Protect Yourself from Gaming Laptop Scams
February 11, 2025
Your Device ‘Fingerprint’ Will Go to Advertisers Starting February 2025
December 24, 2024
Beware of Scam Emails Seeking Donations for UNICEF or Other Humanitarian Groups
December 19, 2024
FOLLOW US ON SOCIAL MEDIA
You might also like
Bookmarks
