Phishing has been around for decades.  But now, the long-lost ancestor claiming to be a foreign prince is stealing more than your grandmother’s savings.  Phishers are targeting corporations—small and big, private and public—stealing sensitive data and money.  When Policyholders take the bait, they had better have a tailored insurance policy to keep their insurers on the hook as well.

Continue Reading

The City of Baltimore is the latest victim of increasingly common ransomware attacks. On May 7, 2019, unidentified hackers infiltrated Baltimore’s computer system using a cyber-tool named EternalBlue, developed originally by the United States National Security Agency to identify vulnerabilities in computer systems. However, the NSA lost control of EternalBlue, and since 2017, cybercriminals have used it to infiltrate computer systems and demand payment in exchange for relinquishing control. For instance, in Baltimore, the hackers have frozen the City’s e-mail system and disrupted real estate transactions and utility billing systems, among many other things. The hackers reportedly demanded roughly $100,000 in Bitcoin to restore Baltimore’s system. The city has refused to pay.

Continue Reading

The Hunton Andrews Kurth insurance recovery team secured a victory for firm client, The Children’s Place (“TCP”), obtaining a ruling from a New Jersey federal court in The Children’s Place, Inc. v. Great Am. Ins. Co., 2019 WL 1857118 (D.N.J. Apr. 25, 2019), in which the court allowed TCP to seek insurance coverage for a “social engineering scheme” that defrauded the company of $967,714.29.

Continue Reading

Insurance partner Michael Levine is teaming up with Hunton’s Michael Perry and Adam Solomon and Jones Day’s Lisa Ropple to discuss cybersecurity litigation and insurance coverage presentation for the Massachusetts Bar Association. The presentation, sponsored by the MBA’s Complex Commercial Litigation Section, will take place on Wednesday, March 20th at 4:30 pm at the MBA’s office in Boston. Topics will include:

  • General litigation claims arising from cybersecurity incidents and defenses available to companies facing these claims.
  • Safeguards to prevent cyberattacks from outside sources.
  • Insurance coverage issues arising out of cybersecurity incidents.


Continue Reading

Hunton insurance associate Andrea DeField will be speaking on a plenary panel titled “Transferring the Risk: A Professional’s Checklist for Procurement of the Cyber Liability Policy” at the University of South Carolina School of Law’s 2019 Cybersecurity Legal Institute. The event will take place on April 4th in Columbia, South Carolina. Additional information about

In an article appearing in CyberInsecurity News, Hunton insurance recovery partner, Michael Levine, comments on Zurich American Insurance Company’s attempt to invoke a so-called “war exclusion” as a basis for not paying business income losses suffered by snack food giant Mondelez International.  As Levine expains, so-called “war exclusions” have rarely been invoked and

In January we wrote about Rosen Millennium Inc.’s (“Millennium”) appeal to the Eleventh Circuit, whereby Millennium took the position that a Florida federal court ignored well established Florida insurance law when it ruled that St. Paul Fire & Marine Insurance Co. had no duty to defend it against a multimillion dollar claim arising out of a 2016 cybersecurity breach.

Continue Reading

Rosen Millennium Inc. (“Millennium”), the cyber security and IT support subsidiary of Rosen Hotels & Resorts, Inc., has appealed to the Eleventh Circuit contending that a Florida federal court ignored Florida insurance law when it ruled that Travelers Insurance Company has no duty to defend it against a multimillion dollar claim arising out of a cybersecurity breach.

Continue Reading

Notwithstanding the absence of a congressional war declaration since Japan bombed Pearl Harbor, Zurich American Insurance Company has invoked a “war exclusion” in an attempt to avoid covering Illinois snack food and beverage company Mondelez International Inc.’s expenses stemming from its exposure to the NotPetya virus in 2017. The litigation, Mondelez Intl. Inc. v. Zurich Am. Ins. Co., No. 2018-L-11008, 2018 WL 4941760 (Ill. Cir. Ct., Cook Cty., complaint filed Oct. 10, 2018), remains pending in an Illinois state court.
Continue Reading

Hunton Andrews Kurth insurance partner Michael Levine was recently interviewed by LegalTech News concerning Ohio’s recent adoption of the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. The law, modeled after the New York State Department of Financial Services Cybersecurity Requirements for Financial Service Companies Act, seeks to provide a framework for