Drug-screening biz DISA took a year to disclose security breach affecting millions

DISA Global Solutions, a company that provides drug and alcohol testing, background checks, and other employee screening services, this week notified over 3.3 million people that their sensitive information may have been stolen by miscreants.

In a February 24 filing with the Maine Attorney General's office, the Texan firm said the security breach occurred over a year ago, on February 9, 2024, and that it discovered the digital intrusion more than two months later on April 22.

In an earlier, now-removed update, DISA said it "took measures" to prevent whoever infiltrated its systems from leaking the data, and confirmed that they had deleted the stolen files.

From where we sit, that smells a lot like a response to ransomware.

While the filing in the US state of Maine doesn't specify what specific info was feared accessed, a notice on DISA's website provides a bit more detail ...