DISA, which provides background checks for employers including Fortune 500 companies, has suffered a data breach involving the records of more than 3.3 million people, according to a Feb. 21 filing with the Maine Attorney General.
Hackers got into DISA's networks from Feb. 9, 2024 to April 22, 2024 and may have stolen information including names, social security numbers, driver’s license numbers, other government ID numbers, financial account information and "other data elements," DISA said in a notice on its website.
"Not every data element was present for every individual," DISA said. "Presently, we are unaware of any attempted or actual misuse of any information involved in this incident."
Hackers often sell sensitive information they steal on the dark web.
The breach shows "there is no indication of cyber resilience" at DISA, said Jim Routh, chief trust officer at cybersecurity company Saviynt, in comments given to reporters.
"Storing SSNs for any purpose should require a higher level of security and using SSN to identify digital consumers is an obsolete data management practice," Routh said. "Cyber incidents occur in all enterprises so missing an opportunity to make adjustments to controls and processes based on the learnings applied from previous breaches is an indication of cyber resilience and a positive indicator."
Sophisticated hackers
The DISA data breach also shows that hackers are sophisticated enough to get into networks containing sensitive information on people who end up working at some of the biggest companies, said Javvad Malik, lead security awareness advocate at cybersecurity firm KnowBe4, in comments given to reporters.
"Moreover, the delay in detecting and reporting the breach raises pressing questions about the ongoing monitoring and incident response strategies employed by DISA," Malik said. "Regulatory implications aside, the slow acknowledgment and mitigation could erode the very trust DISA seeks to build with its partners and the individuals it screens."
DISA is offering complimentary identity-theft monitoring through Experian for 12 months for those affected by the breach.