Over 1 million customers are at risk of identity theft after online-criminals broke into servers belonging to Nationwide and Allied insurance companies. Victims include current policyholders and those who sought insurance quotes.

The breach took place Oct. 3 and was discovered the same day. Nationwide immediately contacted authorities, but waited to inform their customers directly. “Although we are not aware of any misuse of consumers’ information at this time, we have sent letters to notify those individuals whose personal information we believe was compromised, as well as certain additional individuals whose information was or may have been involved, but whom we do not believe had information compromised in the attack,” the company said in a recent statement.

“Personally identifiable information” includes names and Social Security numbers, driver’s license numbers and/or dates of birth. It also may include marital status, gender, occupations and the name and address of an employer. So far, Nationwide maintains the position that no other sensitive data – such as medical information or credit card numbers–have been compromised.

An outside security expert was brought in to analyze the data breach and determine who needed to be notified their personal information had been compromised. The Washington Postand other news outlets say the number of notifications is at 1.1 million.

The company is offering a years’ worth of free credit monitoring and up to $1 million in ID theft protection for victims.

Current/former customers and anyone else who has recently requested an insurance quote from either of the two insurers should carefully check bank and credit card statements for any unusual activity. As a former Nationwide customer (until recently), I know I will be keeping a lookout.