Nationwide Insurance Reaches $5.5 Million Settlement
Nationwide Mutual Insurance has reached a $5.5 million settlement over a 2012 data breach that allegedly exposed the personal information of 1.27 million customers. The states involved in this settlement can use these funds for investigation and litigation costs, consumer protection and law enforcement.
In addition to the financial settlement, Nationwide must also hire a technology officer to monitor and manage security updates, hire an independent auditor to perform an annual review of its security practices and update its policies for storing customers’ personal data. Furthermore, the company must better explain to consumers how their personal information will be used and stored.
The suit had been brought by Attorneys General in 32 states who alleged Nationwide had failed to apply a security patch that would have prevented hackers from stealing the Social Security numbers, drivers license information, credit score and other personal information of customers who had applied for an insurance plan.
After the breach, Nationwide offered affected consumers one year of free credit monitoring and identity-theft protection insurance up to $1 million. The insurance company also advised customers to place a security freeze on their credit report and set up a fraud alert. However, court documents stated this would have cost consumers between $5 and $20 and impeded their ability to obtain credit. Nationwide did not offer to reimburse customers for these potential costs.
Currently, there is still an ongoing class action lawsuit between affected consumers and Nationwide. The claims had initially been dismissed by a judge in Ohio, but last September, an appeals court overturned that decision.