Nationwide Mutual Insurance said Wednesday it was the subject of a cyber attack resulting in compromised information for one million individuals. 

Spokeswoman Elizabeth Giannetti confirmed a statement by the California Department of Insurance earlier in the day which said “names, social security numbers, and other identifying information” of one million policyholders and non-policy holders were exposed. No credit card details were revealed.

Giannetti said the attack was discovered in October and is the subject of an “ongoing investigation” with the Federal Bureau of Investigation. She said the Columbus, Ohio-based company will send letters to individuals whose information was exposed through the mail. Nationwide will be providing those affected with free credit monitoring and identity theft protection.

California Insurance Commissioner Dave Jones said his department will conduct a review to “ensure the company is doing all it can to protect consumers from theft or loss of their personal information.”

Follow Adam Samson on Twitter @adamsamson.