Skip to content

Drug screening firm discloses data breach affecting over 3.3 million individuals

  • by
  • 2 min read

DISA Global Solution, a drug and alcohol testing firm providing background checks and employee screening services, has announced a data breach in which intruders gained access to the sensitive information of over 3.3 million people. The initial breach happened on February 9, 2024, and it took the company over two months to finally detect it on April 22.

The information comes from the company’s filing with the Marine Attorney General’s office on February 24, over a year since the breach happened. The Register reports that in a now-removed update on the situation, DISA claimed it took measures to prevent the intruders from leaking the data and confirmed that any stolen files were deleted.

A notice on DISA’s website claims that personal information in the stolen files may have included names, Social Security Numbers, driver’s license and other government ID numbers, financial account information, and “other data elements. An earlier notice stated that the latter includes drug testing information. Thankfully, the company claims that it’s not aware of any attempted or actual misuse of any stolen information from its servers.

This is an image of data breach cyber security 238972348978978

The nature of the attack wasn’t disclosed in the filing with the Maine Attorney General’s office or on the notice on the company’s website. However, as ransomware groups increasingly target healthcare or related organisations, there are signs of a ransomware intrusion, including the attack description DISA’s now deleted update.

None of the updates included information on how the company dealt with the intruders, what mitigation measures were applied, or whether or not a ransom was paid. The notice only adds that relevant law enforcement authorities were notified upon discovery, systems were safely restored, and additional security measures were implemented.

As is the case with most, if not all, data breaches, DISA is offering affected individuals 12-month credit monitoring and protection services from Experian. There’s also a dedicated helpline for any questions regarding the incident or for people who believe they were affected but didn’t receive a notification letter.

In the News: LockBit claims to have access to classified FBI data

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

This is an image of https 3344700 1280

SSL.com patches abused certificate issue vulnerability

Photo: koshiro k/shutterstock. Com

OpenAI report claims its latest models hallucinate more

What is a hack? 9 different types of hackers you must know about

New RustoBot malware hijacks routers to inject commands

This is an image of wordpress featured 9924

Ad-fraud operation monetises piracy via WordPress plugins

Photo: koshiro k/shutterstock. Com

OpenAI’s o3 model scores lower than initially promised

  • by
  • AI, In News
This is an image of spyware on pc

Russian hosting provider abused for malware delivery

>