Cybersecurity » How Insurers Can Refuse To Cover Hacker Payments

How Insurers Can Refuse To Cover Hacker Payments

Keyboard in shadows, with a white "thumbs down" image on one of the keys.

Insurers sometimes make the argument that paying ransomware or putting out money after falling for an email scam do not constitute “direct lost” and therefore are not covered, according to a post on the Ervin Cohen & Jessup website. The contention of the carrier would be that such losses are “occasioned through some action by the company.” In addition, some policies specifically exclude coverage when “any transfer, payment of or delivery of Money, Securities or Property [is] approved by an Employee…”

There have been cases supporting this type of argument, the writer notes, but more recent cases have been more friendly to insureds. Those include a recent case involving a ransomware payment, and a case where the Ninth Circuit, reversing a district court, held that an accounts payable clerk’s processing of a payment to a scam recipient, at the behest of a party who was impersonating her superior, did constitute a direct loss from fraud.

Get our free daily newsletter

Subscribe for the latest news and business legal developments.

Read this next

Top 100 Litigator Sues Blue Cross Over His Cancer Treatment

In 2018, Robert Salim, 67, realized he was seriously ill. After numerous […]

Eight States Now Require Pay Transparency in Job Postings

Financial Industry Suing to Foil New Regulations

New rules aimed at lenders, investment funds, and other financial entities would […]

Regulatory Burden Factors Into AI Decision

GC Must Warn Boards Of AI Risks

There are companies investing hundreds of millions of dollars or more into […]

Scroll to Top