Nationwide might be on your side, but the hackers who broke into it aren’t. The company released an apology today, revealing the October breach that compromised social security information.
The hack on Nationwide came through servers it shared with Allied Insurance, and may have affected up to 1.1 million people, according to The Washington Post. Hackers tapped into quite a payload of personally identifiable information including name, birthday, social security number, and driver license ID number. Nationwide says hackers may also have gotten away with marital status, gender, and work information such as your title, company, and company address. The company said it stores this type of information in order to give people quotes on its insurance.
“At this time, we have no evidence that any medical information or credit card account information was stolen in the attack,” the company said in a statement.
Nationwide says it found the attack the same day it happened, October 3, and immediately reported it to the authorities. It is currently sending out notices to everyone whose information was accessed and, through a partnership with Equifax, is giving those people free identity theft protection and credit monitoring. Anyone who uses Nationwide, or recently sent in their information for a quote, should check their bank statements often — even if you don’t believe your information was part of the hack.
As for who was behind the attack, Nationwide and law enforcement do not yet know. However, the insurance company does suspect that they came from outside the United States. Law enforcement officials are still looking through the forensic evidence to see if they can trace the event back to a specific person or country.