One Million Affected by Nationwide Insurance Company Breach


Nationwide Mutual Insurance Company recently reported that it suffered a cyber attack, which resulted in the compromise of consumers' personal information. According to a report from the California Department of Insurance issued last week, the personal information of about one million consumers, including both policyholders and non-policyholders, has been stolen.

While victims span all 50 states, state officials have confirmed that residents ofGeorgia, California, South Carolina, and Oklahoma have been affected. Nationwide is currently notifying affected individuals by mail, and also offering them free credit monitoring and identity theft protection services for one year.

We recently published an article on PropertyCasualty360 entitled "Staying Compliant Amid Escalating Cyber Threats: Insurers Must Address Data Privacy Vulnerabilities and Compliance Obligations," which highlighted the increasing compliance obligations and data security threats facing the insurance industry today. The article noted recent data breaches affecting the insurance industry and discussed insurance companies' compliance obligations under state, federal (e.g., Gramm-Leach-Bliley Act, HIPAA, the HITECH Act), and international data privacy laws. The Nationwide breach underscores the importance of compliance with these laws to avoid financial and reputational risks.

For more information on compliance with state, federal, and international data privacy laws, please contact Corey Dennis ([email protected])