Nationwide Mutual Insurance Co. has agreed to pay $5.5 million to close a multistate data breach investigation, attorneys general from several states announced Aug. 9.
Companies that allegedly fail to properly install software security updates to harden their computer networks from cyberattacks run the risk of enforcement actions by state attorneys general.
In 2012, hackers accessed personal information, including Social Security and driver’s license numbers, of some 1.27 million customers of Nationwide and its subsidiary, Allied Property & Casualty Insurance Co., and other consumers by exploiting a third-party web application vulnerability, according to allegations in the settlement.
The companies “failed ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.