
This is yet another class action about a data breach, this time against Nationwide Retirement Solutions, Inc. Nationwide promised that it took certain measures to safeguard information, the complaint for this class action says, but it also alleges that the company either did not implement all of them or that they were inadequate, so that Nationwide bears responsibility for the breach.
The class for this action is all individuals whose personally identifiable information (PII) was compromised as a result of Nationwide’s data breach, which occurred in or about September 2022.
Nationwide, an affiliate of the insurance and financial services company Nationwide Mutual Insurance Company, offers retirement, investment, and insurance services to its customers. As part of its business, it collects a good deal of personal information, including names, Social Security numbers, financial information, application and transaction information, and so on. Customers must provide this information in order to do business with the company.
The complaint quotes the company’s Privacy and Security Policy as saying, “Physical and technical means are used to ensure the security and confidentiality of [its customers’] information.” The complaint alleges, “Nationwide states in its privacy and Security Policy that it complies with state and federal laws regarding data security and data breach notifications…”
The complaint also quotes the company as saying, “We retain your information in accordance with our legal obligations and records retention policies. For example, we may have a legal obligation to retain information relating to your agreements with us or claims relating to your products or services. We delete your data once the legal obligation expires or after the period of time specified in our records retention policies.”
However, the complaint alleges that, “on information and belief, Nationwide never implemented or enforced the reasonable cybersecurity measures and policies necessary to deliver on those promises.”
According to the complaint, Nationwide has not determined when the data breach began, but says that it lasted until at least September 3, 2022. The data breach affected more than 1,600 persons, the complaint alleges, exposing names, Social Security numbers, financial account information and numbers, and other PII.
The complaint alleges, “Nationwide did not detect the hack when it happened, meaning Nationwide did not have the means to prevent, detect, or stop data breaches before hackers could access and steal PII.”
The plaintiff for this class action, Joy Dryer, has had a retirement plan with Nationwide for twenty-five years. After the data breach, the complaint alleges, she was subject to identity theft, when an unknown party made fraudulent charges on her credit card.
Article Type: LawsuitTopic: Privacy
Most Recent Case Event
Nationwide Retirement Solutions Data Breach Complaint
October 20, 2022
This is yet another class action about a data breach, this time against Nationwide Retirement Solutions, Inc. Nationwide promised that it took certain measures to safeguard information, the complaint for this class action says, but it also alleges that the company either did not implement all of them or that they were inadequate, so that Nationwide bears responsibility for the breach.
Nationwide Retirement Solutions Data Breach ComplaintCase Event History
Nationwide Retirement Solutions Data Breach Complaint
October 20, 2022
This is yet another class action about a data breach, this time against Nationwide Retirement Solutions, Inc. Nationwide promised that it took certain measures to safeguard information, the complaint for this class action says, but it also alleges that the company either did not implement all of them or that they were inadequate, so that Nationwide bears responsibility for the breach.
Nationwide Retirement Solutions Data Breach Complaint