DISA Global Solutions Gets Pwned…. 3+ Million Affected

DISA Global Solutions, a provider of workplace compliance management and employee screening solutions, reported that it suffered a data breach that affects more than 3.3 million people. They have posted a data breach notification here as well.

Jim Routh, Chief Trust Officer at cybersecurity company Saviynt had this comment:

“Two dimensions of this cyber incident are notable. The first is that SSNs were exfiltrated for individuals and these are easily monetized by threat actors. Storing SSNs for any purpose should require a higher level of security and using SSN to identify digital consumers is an obsolete data management practice. 

“The second dimension is the root cause of the breach is not provided so it is not clear what steps DISA took to reduce the probability of this happening again. Cyber incidents occur in all enterprises so missing an opportunity to make adjustments to controls and processes based on the learnings applied from previous breaches is an indication of cyber resilience and a positive indicator. In this case, there is no indication of cyber resilience.” 

Javvad Malik, Lead Security Awareness Advocate at KnowBe4, adds this:

“This incident not only highlights the sophistication of cyber adversaries but also exposes the vulnerabilities in the cyber defenses of an establishment that prides itself on efficiency and compliance. It’s a sector that is inherently trusted with some of the most private aspects of individuals’ lives, from social security numbers to medical history. The fact that DISA, with its expansive list of high-profile clients including a significant portion of the Fortune 500 companies, fell victim to such an exploit illustrates a concerning underestimation of the capabilities of modern cyber threats.”

“Moreover, the delay in detecting and reporting the breach raises pressing questions about the ongoing monitoring and incident response strategies employed by DISA. Regulatory implications aside, the slow acknowledgment and mitigation could erode the very trust DISA seeks to build with its partners and the individuals it screens.”

“Providing identity theft protection services post-breach, while necessary, is merely a reactive measure. It is imperative for organizations, especially those like DISA that handle vast amounts of personal data, to adopt a more proactive stance on cybersecurity. This includes continuous monitoring, employing advanced threat detection technologies, and fostering a culture of security awareness throughout the organisation.”

“As the investigation unfolds, it will be crucial for DISA and its stakeholders to thoroughly understand how the attackers circumvented their defences and to implement robust measures to prevent future incidents.”

The hacks and leaks of personal information never seem to end. You have to wonder when companies will learn that they need to invest the time, effort and money to not be one of my stories about a company getting pwned.
