Cybersecurity » Court Rules Cyber-Insurance Covers Email Scam

Court Rules Cyber-Insurance Covers Email Scam


April 12, 2023

A crime policy is usually required to recover losses from email scams, but a lower court case in Minnesota made a key finding that may facilitate coverage under cyber or business interruption coverage. It suggests that a “data breach” which triggers cyber coverage can occur when an insured’s email system is infiltrated and manipulated. The case involved unauthorized access to a senior staff accountant’s email by a hacker who created “rules” within the account that redirected emails with the words “invoice,” “wire transfer” or “payment” to an account controlled by the hacker. Another bogus rule diverted emails from the accountant’s inbox to a subfolder and marked them as read. While those rules were in effect, the hacker directed a customer to make payments to a bank account he/she controlled. The company had an insurance policy with a “Cyber Business Interruption and Extra Expense” clause providing for payment of “business income” and additional “extra expense” incurred during the period of restoration resulting from a “data breach,” discovered during the policy period and results in impairment or denial of service of “business operations” during the “policy period” — language containing elements of both cyber coverage (“data breach”) and business interruption coverage (loss of “business income …during the period of restoration”). Therefore, some of the court’s determinations are relevant to both coverages. After the insurer denied the company’s claim the company sued, and both parties filed cross motions for summary judgment. The Court granted the company’s motion and denied the insurer’s.

Share this post:

Find this article interesting?

Sign up for more with a complimentary subscription to Today’s General Counsel magazine.