Hub Logo
Contact  |  En Francais 

Bookmark and Share
Home
About Hub
Our Offices
Regional HUB Pages
Careers
Programs / Associations
Media
Contact Us
How We Get Paid
 
 
Find us on:
linkedin facebook twitter youtube
personal_insurance business_insurance industries brokers_agents investor_relations
Home > Regional Pages > HUB Northeast > HUB Northeast Cyber Insurance

HUB Northeast Cyber Insurance

CYBER INSURANCE/ INTERNET RISK: WHAT CYBER INSURANCE COVERS

The use of the Internet in our every day business operations brings with it new exposures to loss that are uncovered by conventional property and casualty insurance policies. While virtually all businesses have some level of “Internet Risk” by using e-mail or maintaining a virtual private network between branch offices, those who actually transact business online have the greatest potential risk. The following summary details the coverage afforded through a Cyber Insurance Policy:

A. Computer Security – losses relating to the “Failure to Secure your computer system”


1) 1st Party losses relating to stolen or corrupted data via an unauthorized access, transmission of malicious code, “virus” or “denial of service” interruption

Loss of Income, Lost “Digital” Assets, Cost to repair damaged computer system, Public Relations Costs, Cost to combat “Cyber Extortion”

Customer, financial, and operations information once lost may not be easily replaced. By losing your customer information, you also lose future sales. Computer viruses such as the Love Bug or "Denial of Service" attacks can cause a server crash, which without proper back-up facilities in place, can cause considerable loss of revenues, degrade customer service and damage a business' reputation.

2) 3rd Party – “Liability” suits relating to stolen or corrupted data via an unauthorized access, transmission of malicious code, (i.e. “virus”) or “denial of service” interruption

A breach of your network security can result in claims from customers whose client information was stolen, denial of service claims from customers who can't access your site, as well as claims from anyone to whom you, even accidentally, transmitted a deadly computer virus.

Claim Examples:

  • A hacker stole approximately 300,000 customer credit card numbers from an online retailer. The hacker then attempted to use the stolen information to extort $100,000 from the company. Upon the firm's refusal to cooperate, the hacker posted 23,000 card numbers online. As a result of the charge denials, credit card cancellations and re-issuance, the online retailer suffered approximately $2,000,000 in lost income and third-party damages.
  • A hacker overwhelmed several large web sites through multiple distributed denial of service (DDOS) attacks. The culprit hijacked various computers throughout the world to bombard target
    servers with seemingly legitimate requests for data. It is estimated that the DDOS attacks, which interrupted the sites' ability to efficiently conduct their business, caused over $1.2 billion in lost business income
  • Two hackers cracked the computer systems of a major market research firm and subsequently obtained confidential corporate records. The stolen files included employee photographs, network passwords and personal credit card numbers of numerous senior managers. The hackers threatened to reveal the security breach to the company's clients unless the Board of Directors paid them a "consulting fee" of $200,000. Upon retaining expert cybercrime investigators, the hackers were apprehended and prosecuted. The research firm spent approximately $1,000,000 in investigative and public relations fees.
  • In 1999, the Melissa email virus overwhelmed systems of thousands of companies around the world. The operations of at least 60 US-based Fortune 500 companies were brought to a halt due to the inability to handle the massive amounts of incoming and outgoing messages generated by the virus. The virus collectively caused millions of dollars in lost business income.
  •  A disgruntled employee of a major consulting firm downloaded malicious code onto the networks of the firm, its clients and vendors. The code launched confidential information into the public domain and destroyed some critical corporate applications, resulting in more than $10,000,000 in third-party claims.

B. Internet Media Liability

1) “Electronic” Publishing leading to 3rd Party claims
Any information on your Web site - including banner ads - can create legal third-party exposure to alleged libel, slander or defamation, copyright, title or trade-mark infringement, or invasion of privacy. Whether it is static or dynamically generated content, visible or hidden text, there is a risk that someone accessing the information may find it offensive or intrusive. When publishing the content of others, you run the risk of legal liability - especially if the content is not correct and misguides your client's decisions.

Claim Examples:

  •  Invasion of privacy - A dance center listed a former employee's name as a contact person on its Internet web site. The former employee brought suit against the dance center, alleging unauthorized use of her name for advertising purposes and invasion of privacy.
  •  Defamation (email) - An employee sent an email to several officers of his company that questioned the professionalism of a service vendor. The officers further distributed the email throughout the rganization. The vendor learned of the email and brought suit against the employer, alleging that the interoffice email was defamatory.
  •  Defamation (web site) - A company launched a web site that included unfavorable remarks about a competitor. The competitor sued, alleging defamation.
  • Intellectual Property Infringement - An online service allowed a famous author to advertise a book in one of its forums. The online service was sued for copyright infringement by an artist who claimed that the author used certain artwork on the cover of his book without getting the artist's permission.
  • Trademark infringement (domain name) - A bowling alley named “Rock ‘N’ Bowl” had an Internet web site with the domain name “rocknbowl.com.” The operator of a bowling alley in another state, which held a federally registered trademark on “Rock ‘N’ Bowl,” brought suit, alleging trademark infringement.


C. Professional Liability for incidental exposure as a developer of an application used on the internet (aka “Electronic Errors & Omissions”)

Third party claims relating to an error or omission in code or software developed or maintained by the insured.
There is a fine line these days between Technology developer and user. Those that develop and maintain web applications for themselves and/or others may have a traditional professional liability exposure as though they were a technology professional.
By providing publishing, financial, or other Internet services to clients, your company is exposed to significant risk. Professional services over the Internet carry the same legal implications as professional services provided by traditional methods.

Claim Example:

  • An e-tailer brought suit against a Web designer for damages the e-tailer sustained as the result of the unauthorized access of its private data files by a "hacker". The suit alleges that the Web designer negligently designed the e-tailer's Web site by not providing adequate safeguards to prevent such type of intrusion.

For more information, please contact:

Michael Zeldes
Senior Vice President and Chief Sales Officer
Phone: 212-338-2353
Email: Michael.Zeldes@hubinternational.com
> Privacy Policy > Terms & Conditions How We Get Paid-->
© Hub International Limited, 2010. All rights reserved. Website Design & SEO by Marcel Media