3.3 million personal data compromised DISA Global Solutions, a provider of background checks and drug testing services to Fortune 500 companies, has reported a major data breach. Hackers had access to the network for more than two months and compromised the Social Security numbers, financial accounts, and credit cards of more than 3.3 million people.
According to the official DISA report, the cyberattack lasted from February 9 to April 22, 2024, but was not made public until a year later, on February 21, 2025. The hackers gained access to sensitive personal information, including:
DISA Global Solutions is a leader in employee verification and compliance. It serves more than 55,000 companies in the U.S. and Europe, including 30% of the Fortune 500. But the lack of robust cybersecurity standards at these companies makes them easy prey for hackers, and according to Cory Michal, a nonprofit at AppOmni, background check services don’t have the same cybersecurity protections as financial institutions, making them easy targets for attacks.
DISA has implemented additional security measures and provides victims with 12 months of credit monitoring, but experts say that’s not enough.
67 
80 
101 