Massive Data Breach Puts 3.3 Million People’s Information at Risk
The past few months have already revealed several major data breaches dating back to 2024 (including incidents at PowerSchool and Community Health Center ), the latest of which affected a major employment verification and background check service and compromised the information of more than 3.3 million people.
DISA Global Solutions provides background checks to more than 55,000 employers nationwide, and its systems were hacked for more than two months last year.
What happened to DISA?
According to the company’s report filed with the Maine Attorney General’s Office, hackers gained access to the DISA system between February 9, 2024 and April 22, 2024 (when the breach was discovered) and stole the data of 3,332,750 people.
In its letter notifying consumers of the hack, DISA did not specify what was stolen, simply noting that the hackers “obtained some information.” However, additional documentation discovered by TechCrunch indicates that the breach included Social Security numbers, medical records, financial account information, credit and debit card numbers and other government-issued documents.
Through background checks, DISA collects a wide range of data about consumers, including credit history, education and employment history; driving records; drug tests; recommendations from employers and landlords; as well as criminal and civil cases.
What can you do if your data has been stolen?
The best thing you can do after a data breach is to pay attention to your personal accounts, follow basic security best practices (such as being extra vigilant for suspicious messages that could be a phishing attempt), and lock them down as much as possible to prevent further damage to your information.
If you haven’t already, you should take steps such as freezing your credit and posting a fraud alert to prevent anyone from taking on debt in your name, and consider using identity protection services that can notify you of anything suspicious. You can also set up protection for your SSN so that no one can trick you into getting a job or filing a tax return.
As of February 21, DISA is notifying consumers affected by the breach and offering a 12-month membership to Experian’s IdentityWorks identity monitoring service. To register, go to the IdentityWorks website and enter the activation code in your notification. You must register by June 30, 2025.