Home About Newsletter Categories Donate
Print Friendly and PDF
It’s not your parents’ retirement anymore
Don’t buy these back-to-school items early

Nationwide to pay $5.5 million in settlement for data breach negligence

August 09, 2017

Nationwide_CIMG7261

Photo: Nick22aku

Nationwide Mutual Insurance Co. has agreed to pay $5.5 million to settle charges related to an October 2012 data breach that resulted in the loss of the personal information of about 1.27 million consumers. 

The data breach was caused by the failure to apply a security patch to prevent hacking or viral infection, according to the settlement with 33 state attorneys general. The breach included Social Security numbers, driver’s license numbers, credit scoring information, and other personal data collected to provide insurance quotes to consumers applying for Nationwide insurance plans.

“Nationwide demonstrated true carelessness while collecting and retaining information from prospective customers, needlessly exposing their personal data in the process,” said New York Attorney General Eric Schneiderman.

The settlement requires Nationwide to take steps to update its security practices and to ensure the timely application of patches and other updates. Nationwide also is being required to hire a technology officer who will be in charge of software and application of security updates.

Many of the consumers whose data was lost never became Nationwide’s customers, but the company kept their data to more easily provide the consumers re-quotes later. Following the breach, affected consumers were provided with free credit monitoring and identity theft protection, in addition to identity fraud expense coverage up to $1 million and access to credit reports. The settlement announced Wednesday requires Nationwide to be more transparent about its data collection practices, including disclosing to consumers that it retains their personal information, even if they don’t become its customers.

The 33 attorneys general signing the settlement are from the District of Columbia and the following states: New York, Alaska, Arizona, Arkansas, Connecticut, Florida, Hawaii, Illinois, Indiana, Iowa, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, North Carolina, North Dakota, Oregon, Pennsylvania, Rhode Island, South Dakota, Tennessee, Texas, Vermont, and Washington.

Copyright 2017, Rita R. Robison, Consumer Specialist
Related articles
EPA launches first limits on U.S. carbon emissions
Recall of the Week: Chrysler vehicles due to hacking vulnerabilities
Why hospitals are making patients sicker

Posted at 03:56 PM in Advertising, Companies, Consumer Protection, Consumers, Finances, Government, Identity Theft, Insurance, Internet, Personalities, Safety | | Comments (0)

Spotlight Posts

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)