If your company is the victim of a ransomware attack and you decide you have no choice but to pay the threat actors, can your cyberinsurer or cyberinsurance reinsurer decline to reimburse you if the threat actors you paid are on Treasury’s sanctioned list? Would reimbursing them expose the cyberinsurer or reinsurer to problems with […]
Risk & Insurance reports: Cyber insurance claims, particularly those related to data and privacy breaches, have seen a significant increase in the first half of 2024, with the U.S. accounting for 72% of large claims in H1 2024, according to Allianz Commercial’s annual cyber risk outlook. The frequency of large cyber claims — those in […]
Threat actors known as Scattered Spider are reportedly turning their attention to the financial sector, hitting banks and insurance groups. Resilience Cyber Insurance Solutions, which has been tracking the group, reports they have targeted 29 companies since April 20. Scattered Spider is the group that was previously linked to disrupting casinos and hotels such as MGM […]
On October 17, 2023, First Financial Security, Inc. (“FFS”_ was the victim of a ransomware attack. The Georgia insurance agency recently notified those affected by the incident that the attack appeared to be an attempt to access and lock all data, including both sensitive and non-sensitive data. “Thankfully, the ransomware attack was not successful in […]
On November 28, the New York State Department of Financial Services (DFS) issued a press release about a settlement stemming from a 2019 data breach: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for […]
At least five class-action lawsuits were filed last week against the two Las Vegas entertainment giants following data breaches reportedly by the same group of threat actors. As Digital Insurance reports, Okta, an identity and access management company used by both firms, issued an advisory in August about hackers tricking IT service staff into resetting […]
In the matter of Remprex, LLC v. Certain Underwriters at Lloyd’s London, policyholder Remprex was thrust into two separate class actions, both involving alleged violations of the Biometric Information Privacy Act (“BIPA”). Remprex could not receive coverage under their media liability policy due to an exclusion of coverage for losses arising from the unlawful collection or […]
GEICO is set to confront a nationwide class action lawsuit after allegedly compromising its customers’ privacy through the unauthorized release of their driver’s license numbers that were later used by identity thieves to secure fraudulent unemployment benefits. US District Judge Kiyo Matsumoto delivered the decision to proceed with the lawsuit in Brooklyn earlier this week, Reuters […]
Not that long ago, few companies even considered purchasing insurance to mitigate their financial exposure from a cyber incident, and for those that did, obtaining a policy was as easy as filling out an application and writing a check. Those days are now squarely in the rearview mirror. Today, companies everywhere are rushing to get cyber […]
Do you know what your cyber policy covers? (Southwest Airlines v. Liberty Insurance Underwriters)
An article by attorneys at Barnes & Thornburg LLP discusses a court case that serves as a useful reminder of how provisions of cyber policies may be interpreted when it comes to coverage of cyber-related incidents — even when those incidents are not data breaches. In 2016, Southwest Airlines suffered a computer system failure that […]