Nationwide might be on your side, but the hackers who broke into it aren’t. The company released an apology today, revealing the October breach that compromised social security information.

The hack on Nationwide came through servers it shared with Allied Insurance, and may have affected up to 1.1 million people, according to The Washington Post. Hackers tapped into quite a payload of personally identifiable information including name, birthday, social security number, and driver license ID number. Nationwide says hackers may also have gotten away with marital status, gender, and work information such as your title, company, and company address. The company said it stores this type of information in order to give people quotes on its insurance.

“At this time, we have no evidence that any medical information or credit card account information was stolen in the attack,” the company said in a statement.

Nationwide says it found the attack the same day it happened, October 3, and immediately reported it to the authorities. It is currently sending out notices to everyone whose information was accessed and, through a partnership with Equifax, is giving those people free identity theft protection and credit monitoring. Anyone who uses Nationwide, or recently sent in their information for a quote, should check their bank statements often — even if you don’t believe your information was part of the hack.

As for who was behind the attack, Nationwide and law enforcement do not yet know. However, the insurance company does suspect that they came from outside the United States. Law enforcement officials are still looking through the forensic evidence to see if they can trace the event back to a specific person or country.

Nationwide image via tlarrow/Flickr

Hackers stole credit card information and potentially tax information from 3.6 million people in South Carolina. They obtained the data by hacking into the state’s Department of Revenue — a hole which the DOR says it has patched up.

The Department of Revenue first heard about the hack on October 10, when it was contacted by the state’s IT division. The department then asked security company Mandian to help it discover the point of entry and any other information about the hackers. On October 16, the department discovered that attempts to breach its systems were made in August and September.

If you’re a South Carolina resident and you’ve filed a tax return after 1998 (or if you filed a South Carolina tax return out of state), the Department of Revenue says you should call (866) 578-5422, where a representative can tell you if your information has been stolen. It also recommends people go to protectmyid.com/scdor, though the website currently redirects you to a generic sign-in page.

South Carolina promises to provide anyone whose information has been stolen with one year of identity theft protection, along with credit monitoring, all through Experian.

“The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina, and all our citizens,” said South Carolina Governor Nikki Haley in a statement. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.”

hat tip Associated Press; South Carolina image via Shutterstock