Theft (via Cyber Attack) Covered by General Liability?

Discussion in 'P&C Insurance Forum' started by TGART, Sep 11, 2015.

  1. TGART
    Offline

    TGART New Member

    Posts:
    3
    Likes Received:
    0
    State:
    New York
    Hi All,

    Looking for some guidance here for a client. Their finance dept was fooled by an email coming from an employees email account which had been broken into. They replicated fairly a fairly standard request for payment though this went to an account owned by the criminals. What's your experience in getting this covered in a standard Commercial Liab policy as theft?

    Thanks!!
     
  2. cgreene
    Offline

    cgreene Guru

    Posts:
    332
    Likes Received:
    0
    This is where cyber insurance comes into play. The GL policy will cover some if your lucky.
     
  3. TGART
    Offline

    TGART New Member

    Posts:
    3
    Likes Received:
    0
    State:
    New York
    Yea, that's what I'm hoping - the theft of money's coverage will kick in. They have internet insurance, though it pertains to the theft of their clients data, not someone phishing and making a fake wire request from an internal source. With any luck the GL will cover a portion and the umbrella the rest. Expensive lesson for sure... needless to say, they're now reviewing their security protocols.
     
  4. kristophmarsh
    Offline

    kristophmarsh Expert

    Posts:
    20
    Likes Received:
    0
    Certainly won't be covered by a standard general liability policy. I wouldn't expect it to be covered by the theft section of a business package or property policy either, unfortunately.

    The best option for having something like this covered is either through a commercial crime or cyber liability policy. If your client is a typical small or medium business, it's unlikely that they'll hold either of these coverages stand-alone; however, you never do know. They'll certainly be thinking about it after running into this!

    For clients concerned about these types of exposures, I'd consider taking a look at Management Liability (ML) policy. Most ML policies include some level of crime coverage, and with a bit of luck, it will cover first and third party theft.

    To give you an idea of what I'm talking about, I took a look at the crime component of the AIG PrivateEdge wording (UK). The policy covers an insured for "financial losses" resulting from "dishonest acts" by any employee or third party. A "third party" is defined as anyone who isn't an employee.

    Quite broad coverage I must say! You'd just need to convince the insurer that it's the insured that suffered the loss and not the employee.

    Alternatively, cyber coverage would be worth a look. But if you could figure out a way to acquire both in a ML product, now that would be something!
     
  5. BigIVU
    Offline

    BigIVU Super Genius

    Posts:
    121
    Likes Received:
    0
    State:
    Tennessee
    The CGL provides coverage for third party claims, not the theft of your own money. The ISO Commercial Crime program has Computer Fraud coverage and the just introduced a form some insurers have been making available for theft by impersonating an employee. There are also cyber policies that should cover this.
     
  6. EObroker
    Offline

    EObroker New Member

    Posts:
    6
    Likes Received:
    0
    There is a specific coverage designed to cover this exposure and it is called Cyber Deception and/or Social Engineering. It can be added via endorsement to a Crime or Cyber policy depending on the carrier. I have been able to cover it both ways for multiple different industries, and have multiple claim examples that can be disscussed. I can help walk you through placing this coverage, as well as provide a product specific brochure for you and your clients. Please free to reach out to me at any time. All the best, Ant!
     

Share This Page