The number of people who had personal information exposed as part of an attack on Nationwide's computer network now totals more than 1 million, including 29,050 in Ohio, according to state insurance regulators.
"Nationwide is days away from completing the mailing of letters to the impacted individuals. Each individual will be provided with a free credit-monitoring and identity-theft product," said Elizabeth Giannetti, a Nationwide spokeswoman.
The Columbus-based insurer said last month that it was a victim of a criminal attack affecting part of its computer network that contained information on current, former and prospective customers of Nationwide and its Allied affiliate.
The attack occurred on Oct. 3. Nationwide said it took steps at the time to secure its network and has been working with law enforcement to investigate. It also has hired experts to analyze the data and the computer network.
The insurer said people in all 50 states have been affected.
The California Department of Insurance said a database was compromised, resulting in the theft of confidential information for about 1 million policyholders and non-policyholders. About 5,050 Californians have been affected.
The breach included names, Social Security numbers and other identifying information, California regulators said. Regulators in other states have said that driver's license numbers and dates of birth and, in some cases, marital status, sex, occupation, and the names and addresses of employers also were compromised in the breach.
No credit-card information was disclosed as part of the breach.
Ohio regulators also are tracking the investigation.
"We have been in communication with Nationwide regarding this criminal cyberattack and are monitoring the situation," said Chris Brock, communication director for the Ohio Department of Insurance.
Nationwide said yesterday that it continues to work with law enforcement as the investigation of who was responsible for the intrusion.