At Nationwide, protecting your personal information is important. We strive to ensure that our systems are safe, secure, and available. If you have discovered a potential security issue with our systems or applications (e.g., websites, mobile apps), we want to know about it so we can fix it. In doing so, we respectfully request that you adhere to the following guidelines.

Nationwide’s expectations

  • The disclosure email outlines the vulnerability, along with supporting details (e.g., executed commands, tool output, affected assets). Screenshots and video recordings are highly encouraged
  • Vulnerability information is not publicly released unless Nationwide has granted you permission
  • Contact information is provided so we may contact you with any questions
  • Patience is exercised as we seek to understand the best method for mitigating the disclosed vulnerability

What you can expect from Nationwide

  • Serious consideration and review of every disclosure submission within three (3) business days
  • Nationwide will update you, as necessary, with mitigation effort status

Vulnerability criteria

  • No social engineering or phishing attempts of any kind against Nationwide employees and contractors
  • No denial-of-service testing
  • No use of malware
  • No testing that may cause damage to Nationwide’s systems
alert icon
To report vulnerabilities to Nationwide, please email vulnerabilitydisclosure@nationwide.com.

Online safety tips

checkmark   Make passwords long and strong.

checkmark   Use a unique password for each account.

checkmark   Keep a clean machine.

checkmark   Automate software updates.

checkmark   Enable a firewall.

checkmark   Limit the use of administrator accounts.

checkmark   Be careful about sharing personal information on social media.