California Insurance Commissioner Dave Jones recently announced plans to conduct a review of Nationwide Insurance's cyber security measures to ensure that the company is doing everything it can to protect its customers' personal information, following a security breach that resulted in the theft of one million people's confidential information.
"The insurance company has not provided details on how a database on its computer system was compromised, but did confirm that the attack occurred on Oct. 3," writes SC Magazine's Danielle Walker. "A third-party company was hired immediately to investigate the data that was compromised, as well as perform a forensic examination of Nationwide's entire network."
"The information had been collected about consumers who had sought a price quote from Nationwide, or from a subsidiary called Allied Insurance, over about the past 13 months, spokeswoman Elizabeth Giannetti said," writes The Wall Street Journal's Erik Holm. "The company began alerting those affected by the breach on Nov. 16, and expected to complete the notifications in the next few weeks, Ms. Giannetti said."
"The breach included names, Social Security numbers and other identifying information, California regulators said," writes The Columbus Dispatch's Mark Williams. "Regulators in other states have said that driver’s license numbers and dates of birth and, in some cases, marital status, sex, occupation, and the names and addresses of employers also were compromised in the breach. No credit card information was disclosed as part of the breach."https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
"In a global economy, driven by electronic commerce, it is essential that all necessary steps are taken to ensure consumers are protected from an unintentional release or criminal theft of their personal data," Commissioner Jones said in a statement. "While Nationwide has briefed my department and agreed to update us with the findings of its internal investigation, I've instructed staff to conduct a follow-up review of the breach to ensure the company has taken the necessary steps to guard against a future system failure."