Topics

up-to-the-minute

AI

Amazon

Article image

Image Credits:Getty Images

Apps

Biotech & Health

Climate

Article image

Image Credits:Getty Images

Cloud Computing

commercialism

Crypto

Enterprise

EVs

Fintech

Fundraising

Gadgets

stake

Google

Government & Policy

Hardware

Instagram

Layoffs

Media & Entertainment

Meta

Microsoft

privateness

Robotics

Security

Social

Space

Startups

TikTok

Transportation

speculation

More from TechCrunch

event

Startup Battlefield

StrictlyVC

Podcasts

video

Partner Content

TechCrunch Brand Studio

Crunchboard

adjoin Us

DISA Global Solutions , a U.S.-based provider of employee viewing services , has said it suffered a data rupture that bear on more than 3.3 million masses .

DISA , which provides services like drug and alcohol testing and background check tomore than 55,000 enterprisesand a third of Fortune 500 companies , support the data point breach in afilingwith Maine ’s attorney general on Monday .

DISA read it discovered it had been the victim of a “ cyber incident ” that move a “ circumscribed portion ” of its web on April 22 , 2024 . An interior probe determined that a hacker had infiltrated the company ’s connection on February 9 , 2024 , where they went unnoticed for over two months .

In a letter sent to those affect by the data rift , which include individuals who underwent employee screening trial , DISA say the assaulter “ pimp some info ” from its systems .

In a separatefilingwith the Massachusetts lawyer full general , DISA confirmed the stolen entropy include somebody ’ Social Security numbers ; financial account selective information , include credit card numbers racket ; and administration - issued identification document . This filing confirm that more than 360,000 Massachusetts resident were affected by the rift .

However , in its datum breach notification letter , DISA said it “ could not definitively conclude the specific information pander , ” suggesting the company does not have the expert means , such as log , to observe precisely what intimate information was accessed or exfiltrated .

According to itswebsite , DISA collects a spacious range of personal and sensitive information , including details about an applicant ’s work account , educational setting , felonious records , and credit history .

Join us at TechCrunch Sessions: AI

Exhibit at TechCrunch Sessions: AI

It ’s not yet know who was behind the cyberattack or how the organization was compromise . It ’s also unclear why it has taken DISA so long to notify affect individuals about the break .

DISA did not at once respond to TechCrunch ’s question .