Thu Feb 27 13:10:00 UTC 2025: ## Millions Affected in DISA Global Solutions Data Breach

**Portland, ME –** Employee screening company DISA Global Solutions has revealed a massive data breach affecting over 3.3 million individuals. The Texas-based firm disclosed the breach to the Maine Attorney General’s office on February 24, 2025, admitting that sensitive information was accessed between February 9th and April 22nd, 2024, a delay of over two months in detection.

The compromised data may include names, social security numbers, driver’s license numbers, financial account information, and drug testing results. While DISA claims to have deleted the stolen files and taken measures to prevent data leakage, suspicions remain that the breach may have been a ransomware attack, given the company’s delayed disclosure and lack of transparency regarding remediation efforts.

Security experts express serious concerns about the potential for misuse of the stolen data, considering the two-month gap between the breach and its discovery. Individuals may not even be aware of their involvement, as they interacted with DISA through potential employers rather than directly. This leaves them vulnerable to extortion attempts by malicious actors.

The incident highlights the vulnerability of data brokers like DISA, which hold vast amounts of sensitive personal information. The potential for both corporate and individual extortion makes such companies prime targets for cybercriminals. This breach echoes the devastating August 2024 attack on National Public Data (NPD), which led to the release of nearly three billion records and the company’s subsequent bankruptcy. DISA has not yet responded to requests for comment on whether a ransom was paid or the specific remediation measures taken.

Read More