A California federal court found coverage under AIG’s general liability policy for the defense and indemnity of email scanning suits against Yahoo!. Those suits generally alleged that Yahoo! profited off of scanning its users’ emails. Because the allegations gave rise to the possibility that Yahoo! disclosed private content to a third party, the court found

Hunton Andrews Kurth insurance practice head, Walter Andrews, recently commented to the Global Data Review regarding the infirmities underlying an Orlando, Florida federal district court’s ruling that an insurer does not have to defend its insured for damage caused by a third-party data breach.

Continue Reading

As reported yesterday in Business Insurance, Lloyd’s of London underwriters have agreed to insure digital currency storage company, Kingdom Trust Co., against theft and destruction of cryptocurrency assets.  The cover comes after almost a decade-long search by Kingdom Trust for insurance to cover its crypto-assets.  According to the BI, Kingdom Trust sees the availability of insurance as a key factor in bringing institutional investors into the marketplace by dispelling concerns about lack of traditional safeguards in the emerging crypto-asset space.

Continue Reading

The Sixth Circuit has rejected Travelers Casualty & Surety Company’s request for reconsideration of the court’s July 13, 2018 decision, confirming that the insured’s transfer of more than $800,000 to a fraudster after receipt of spoofed e-mails was a direct loss” that was “directly caused by” the use of a computer under the terms of ATC’s crime policy.  In doing so, the court likewise confirmed that intervening steps by the insured, such as following the directions contained in the bogus e-mails, did not break the causal chain so as to defeat coverage for “direct” losses.

Continue Reading

The Second Circuit has rejected Chubb subsidiary Federal Ins. Co.’s request for reconsideration of the court’s July 6, 2018 decision, confirming that the insurer must cover Medidata’s $4.8 million loss under its computer fraud insurance policy.  In July, the court determined that the loss resulted directly from the fraudulent e-mails.  The court again rejected the insurer’s argument that the fraudster did not directly access Medidata’s computer systems.  But the court again rejected that argument, finding that access indeed occurred when the “spoofing” code in emails sent to Medidata employees ended up in Medidata’s computer system.

Continue Reading

In a recent article appearing in Florida’s Daily Business Review (available here), Hunton Insurance Recovery Practice team head, Walter Andrews, explains why phishing and whaling scams should be covered by insurance.  In the article, Andrews notes that recent appellate decisions support policyholders’ reasonable expectations of coverage and reject insurers’ contentions that social engineering losses

On Monday, a Nevada federal court held that U.S. Fire Insurance Co. (“U.S. Fire”) need not cover its insured, CP Food and Beverage, Inc. (“CP”), a strip club, under its commercial crime policy for a scheme perpetrated by its own employees that resulted in the theft of money from CP customers. A copy of the decision can be found here.

Continue Reading

In a recent post, we discussed the Sixth Circuit’s holding in American Tooling Center, Inc. v. Travelers Casualty and Surety Co. of America, No. 17-2014, 2018 WL 3404708 (6th Cir. July 13, 2018), where the Sixth Circuit reversed the district court’s summary judgment for the insurer, finding coverage under its policy for a fraudulent scheme that resulted in a $834,000.00 loss. The insurer, Travelers, has now asked the Court to reconsider its decision.

Continue Reading

The Sixth Circuit, in American Tooling Center, Inc. v. Travelers Casualty and Surety Co. of America, No. 17-2014, 2018 WL 3404708 (6th Cir. July 13, 2018), reversed the District Court’s grant of summary judgment in favor of the insurer in a dispute over coverage for a social engineering scheme. The policyholder, American Tooling, lost $800,000 after a fraudster’s email tricked an American Tooling employee into wiring that amount to the fraudster.

Continue Reading

In a July 9, 2018 article appearing in Insurance Law360, Hunton Andrews Kurth insurance recovery practice head, Walter J. Andrews, explains why the Second Circuit’s decision in Medidata Solutions Inc. v. Federal Insurance Co., No. 17-2492 (2nd Cir. July 6, 2018), affirming coverage for a $4.8 million loss caused by a “phishing” e-mail attack, is a common sense application of the plain language of Medidata’s computer fraud coverage provision.  As Andrews explained, “[c]learly, hijacking — or spoofing — email addresses constitutes an attack on a company’s computer system for which a reasonable policyholder should expect coverage. A computer is a computer is a computer. Everyone knows that — except for insurance companies.”

Continue Reading