In Australia, the frequency and severity of cyber claims are on the rise. This is a major concern for any business and industry.
Below are examples of claims, losses, costs and expenses arising from a cyber incident. This can help to give you a better idea of what your business could face in the event of a cyber attack.
Below are some recent cyber claims examples. While claims examples are a great way to gain a general understanding of how Cyber Insurance works, these examples include outcomes from a variety of Cyber Insurance policies. For advice on how your insurance policy will respond in a specific scenario, it is important to speak to your broker.
Example 1: Business Email Compromise (No Transfer of Funds)
Background
An accounting firm suffered a Business Email Compromise (BEC) event. A staff member clicked on a phishing email and the hackers were able to access the business through that staff member's Office 365 email account. No payment requests were successful; however, there were significant costs associated with removing the hacker from the network and adhering to the requirements under the Privacy Act, including notifying six individuals whose information was compromised in the attack.
Coverage
Privacy Notification & Crisis Management Expenses. The forensic IT costs in relation to the incident were $25,000, whilst the incident response and legal costs, including notifications to those six individuals and the regulator, were $38,000. The total cost of this matter was $63,000.
Example 2: Social Engineering Fraud
Background
An accounts person within a transport company received an email from what they believed to be a regular supplier requesting payment for goods supplied to the company recently. The email stated that the supplier's bank details had been changed due to an ongoing audit and that payment should be made to the new bank account provided. That supplier's email account had been compromised.
Coverage
Social Engineering Cover. Payment was made by the Insured; however, after a detailed investigation between both parties over the following weeks, it was concluded that the email was illegitimate and the money could not be recovered. The total loss to the transport company was $106,000.
Example 3: Ransomware Attack
Background
A recruitment agency head-office employee opened an email which circumvented their email filters. The email contained ransomware which locked their IT system down. The agency refused to pay the ransom and began working with their IT provider to restore the corrupted data. Three days later another attack occurred on another one of their servers. At this point, all servers were taken offline to assess and temporarily control the situation.
Coverage
Data Recovery & Business Interruption Expenses. After an external IT forensic investigation, it was confirmed no personal information held on the agency's system was compromised. However, the cost to restore the agency's system over a two-week period was $80,000. A claim of $350,000 in relation to loss of business income also occurred. The total cost paid in relation to this matter was $430,000.
Example 4: Network Attack
Background
A data centre which hosted an online retail company's website became the target of a distributed denial of service (DDoS) attack. The incident, which utilised hacked IoT (Internet of Things) devices, flooded the data centre's network with so much traffic that their network failed. This made the online retail company's website inaccessible for a period of six hours before backup systems were able to restore 100% functionality.
Financial Impact
The data centre suffered significant recovery costs. The increased cost of working required to get the website functioning properly was $18,000, and the cost to subcontract with an external service provider was $23,000. Lost sales and revenue from the website downtime cost $142,500. There were also incident response expenses including the IT forensic firm ($22,000), legal consultation fees ($15,000) and fees for the incident response manager ($6,000). The total cost from this cyber incident was $226,500.
Example 5: Staff Negligence
Background
An employee at a hardware store ignored internal policies and opened a seemingly innocuous file attached to an email. The next day the hardware store's stock order and cash registers started to malfunction and business trade was impaired as a result of the network failing.
Financial Impact
The store suffered significant recovery costs. Increased staff costs to restore the network to functioning order were $18,000. Business interruption costs from lost sales and revenue were $50,000. There were also incident response expenses including forensic investigation and response services ($100,000) and fees for an incident response manager ($10,000). The total cost from this cyber incident was $178,000.
How Coverforce can help
Our experienced insurance brokers assess your business's individual cyber insurance needs and come back to you with the best value insurance solution available from our extensive insurer network.
In the event of a claim, we work with the insurer on your behalf to ensure you get the full entitlement due under your cover.
For more information or an obligation-free quote, please contact our specialised team at your local Coverforce Office.
Alternatively, you can simply fill out a Quote Form and one of our insurance brokers will get in touch with you within one business day.