Phishing has been around for decades.  But now, the long-lost ancestor claiming to be a foreign prince is stealing more than your grandmother’s savings.  Phishers are targeting corporations—small and big, private and public—stealing sensitive data and money.  When Policyholders take the bait, they had better have a tailored insurance policy to keep their insurers on the hook as well.
Continue Reading Go Phish: Texas Lawsuit Highlights Need for Tailored Cyber Policies

Hunton and Williams LLP has published its 2016 Retail Industry Year in Review.  The Review discusses the key legal and regulatory developments that affected the retail industry last year.  In the Review, Hunton insurance coverage attorneys Syed Ahmad, Mike Levine and Jenn White discuss the lessons learned from insurance coverage cases that promise to

On October 27, 2016, my colleague, Michael S. Levine, was quoted in Business Insurance concerning the recent decision in Camp’s Grocery Inc. v. State Farm Fire & Casualty Co., which he and I discussed on October 26, 2016 on the Hunton & Williams LLP Insurance Recovery Blog.  In Camp’s, the court refused

On October 25, 2016, the Federal Trade Commission released a guide for businesses on how to handle and respond to data breaches. The 16-page guide details steps businesses should take once they become aware of a potential breach. The guide also underscores the need for cyber-specific insurance to help offset potentially significant response costs.
Continue Reading FTC Issues Data Breach Guide for Businesses, Confirming Uninsured Breach Response Will be Costly

In a case filed in California last week, an insurer once again has taken the position that funds disbursed to computer hackers because of fraudulent commands received via e-mail from hackers are somehow distinguishable from the hacker misappropriating the funds directly. They are not. The typical scheme, via social engineering commonly known as “business e-mail compromise” or “CEO fraud,” involves an e-mail from a high-level executive’s e-mail account directing a subordinate employee to wire funds to a bank account actually owned by a third-party scammer, the true author of the email. Insurers have denied coverage for such liabilities, contending that their policies do not cover voluntary disbursements of company funds – as if the insureds intended to give their funds away to the bad guys!
Continue Reading Insurers Continue to Contend Cybercrime Losses Are Not Covered

In an article recently published in Bloomberg/BNA Privacy and Security Law Report, Hunton lawyers Syed Ahmad, Sergio Oehninger and Patrick McDermott discuss a recent decision finding insurance coverage for a cyber-related incident.  In the article, the authors dissect whether information made available on the internet is “published” if there is no evidence that anyone ever

Earlier this week, Eustis Insurance Co. (Eustis) filed a third-party complaint against wholesale insurance broker, R-T Specialty, Inc. (R-T Specialty), after the broker allegedly failed to properly advise New Hotel Monteleone, Inc. (Hotel Monteleone) about its cybersecurity exposures and coverage that R-T Specialty was tasked to procure. The case represents another example of the exposure that might result from a failure to engage brokers and coverage counsel experienced in the risks to be insured. This potential is especially significant when it comes to cyber exposures, which are vastly different from the legacy exposures that brokers and insurers are accustomed to handling.
Continue Reading Broker Potentially Liable for Inadequate Cybercoverage