The Target: DISA Global Solutions, Inc., a third-party employment screening services provider.
The Take: The personal information accessed could have included people’s names, Social Security numbers, driver’s license numbers, other government ID numbers, financial account information and other data elements.
The Vector: The company, which provides drug and alcohol testing and background checks, said it discovered on April 22, 2024, that it was the victim of cyber-attack that gave “an unauthorized third party” access to individuals’ personal information from Feb. 9, 2024, to April 22, 2024, the company said in a notice on its website.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.