Scary cyber stories from the Business World vol 2

Don’t let a cyber incident destroy your client’s business! Check out these four claims examples of phishing, systems damage, ransomware and privacy fines to help explain cyber risks to your clients.
Privacy fines and investigations
An IT company misplaced multiple drives that contained personal information for over one million customers. It was unknown whether the drives were lost, stolen or destroyed. The IT company was required to notify the affected individuals, as well as the privacy regulator. The regulator conducted an investigation into the incident and fined the company for failing to have appropriate safeguards in place to protect customer information.
As a result....
The company incurred legal fees of $1,000,000 in connection with the regulatory investigation and defending legal actions brought by affected customers and for the costs and expenses in notifying customers their personal information had been lost, stolen or destroyed. The company was also fined $75,000 by the privacy regulator. The total loss to the company exceeded $5,000,000.
How CGU Cyber Defence would protect this client...
This type of scenario triggers multiple Insuring Clauses under the CGU Cyber Defence policy including privacy fines and investigations.
A company accountant of a local manufacturing firm received an email from her boss asking her to transfer $120,000 to a supplier abroad. Because this was a common type of request, she processed the payment before realising that the tone of the email wasn’t right and the domain name was a single letter off. Upon further investigation, it was found that cyber thieves had infiltrated their systems and grew knowledgeable enough about company dealings to send a convincing phishing email that lost the company thousands of dollars.
As a result....
The company lost the $120,000 and incurred costs to secure their IT system.
How CGU Cyber Defence would protect this client...
CGU Cyber Defence provides coverage for the loss of money caused by phishing scams and the costs to secure IT systems.
System damage and business interruption
A leading provider of Managed Services including IT platform hosting, infrastructure and support services to numerous customers, experienced a cyber attack where malicious software was implanted and ‘masking techniques’ were used on the company’s mainframe. As a result, the company’s customer data was stolen.
As a result....
It cost over $2,100,000 to resolve the issue including $1,200,000 incurred for data recovery and business interruption loss.
How CGU Cyber Defence would protect this client...
CGU Cyber Defence provides coverage for the cost of the data recovery and the loss of profits caused by the business interruption.
Rasomware and extortion
A small accounting firm’s client records were locked by ransom software. The company was only able to get files released after paying a ransom of $50,000 to hackers.

As a result....
The firm contacted law enforcement and working with law enforcement, determined the payment should be made. $150,000 was paid for business interruption loss, the ransom demand ($50,000) plus consultants’ costs to advise on handling and negotiating the ransom, and the costs to restore the network as the hackers refused to release the files despite the ransom payment.
How CGU Cyber Defence would protect this client...
CGU Cyber Defence provides coverage for the payment of extortion monies and costs involved in negotiating, mediating and crisis managing to end the security threat.

Read more cyber claims examples and about CGU's Cyber Defence cover at the CGU Cyber Defence microsite.