Nationwide Mutual Insurance announced on its website that a segment of its online computer network was “criminally attacked” in October and as a result of the data breach, information from about one million individuals has been compromised. According to Nationwide, the perpetrators accessed data revealing its customers’ social security numbers, dates of birth, and driver’s licenses. No credit card account information was stolen.
Dave Jones, the Commissioner of the California Department of Insurance, announced that his office will conduct an investigation over the protocol that Nationwide takes to make sure the insurance company protects its clients from security breaches. “While Nationwide has briefed my department and agreed to update us with the findings of its internal investigation, I’ve instructed staff to conduct a follow-up review of the breach to ensure the company has taken the necessary steps to guard against a future system failure,” Jones declared. ”In a global economy, driven by electronic commerce, it is essential that all necessary steps are taken to ensure consumers are protected from an unintentional release or criminal theft of their personal data.”
The compromised data had been gathered from individuals who had requested a price estimate for services provided by Nationwide or its subsidiary Allied Insurance, company spokeswoman Elizabeth Giannetti said.
The state insurance departments of Georgia and South Carolina have also acknowledged that sensitive information of Nationwide policyholders has been illegally acquired in their respective states.
The company has agreed to offer identity theft protection and credit-monitoring to those affected by the data breach.
It is likely that numerous privacy class actions will be filed in light of this security breach.
