Background check provider data breach affects 3 million people who may not have heard of the company
Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network.
DISA says a third party had access to its environment between February 9, 2024, and April 22, 2024. The attacker may have accessed over three million files containing personal information.
DISA is a third-party administrator of employment screening services, including drug and alcohol testing and background checks. DISA discovered the breach on April 22, 2024, and has since conducted an investigation with the help of third-party forensic experts.
This is one of those cases where a company most people have never heard of has amassed a mountain of information about many people. These data brokers gather information from several sources and sell it on to interested buyers. DISA provides these services to over 55,000 companies.
During the investigation, DISA was unable to determine the specifics of the stolen data, but everyone whose data may have been compromised will get a detailed breach notification letter, specifying the type of data.
This letter will also include details about free access to 12 months of credit monitoring and identity restoration services through Experian, for which you must enrol by June 30, 2025.
Given the field that DISA is active in, that information could interest cybercriminals for use as background information for targeted phishing attempts or extortion. The Massachusetts breach report tracker shows that at least some Social Security Numbers were involved.

DISA states that it’s not aware of any attempts to abuse the stolen information:
“While we are unaware of any attempted or actual misuse of any information involved in this incident, we are providing you with information about the incident and steps you can take to protect yourself, should you feel it necessary.”
Protecting yourself after a data breach
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
- Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
- Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
- Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
- Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
- Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
- Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
- Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.
Check your digital footprint
Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.