"On October 3, 2012, a portion of our computer network that is used by Nationwide Insurance and Allied Insurance was criminally intruded upon by an unidentified criminal perpetrator. We discovered the attack that day, and took immediate steps to contain the intrusion. We believe that we successfully contained the attack through our responsive actions," the company claims.
Following an in-depth investigation, they discovered that the attacker had likely stolen some personal information from their systems, and a couple of weeks later they received confirmation of the identities and addresses of the individuals whose personal information they believe was compromised.
"Although we are still investigating the incident, our initial analysis has indicated that the compromised information included certain individuals’ name and Social Security number, driver’s license number and/or date of birth and possibly marital status, gender, and occupation, and the name and address of their employer. At this time, we have no evidence that any medical information or credit card account information was stolen in the attack," they say, adding that they have, of course, notified law enforcement about the attack, and that they have employed outside experts to help them analyze the impacted data and to identify affected customers.
The company is offering a free credit-monitoring and identity theft protection product for one year to all the notified individuals, but it is yet to share details on how many were affected in total.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.