By Edward R. Brown on Posted in Cyber Policies and Issues,Professional ServicesA Florida federal district court has ruled that a claim asserting that an insured’s negligent data security practices led to a payment card breach did not trigger personal injury coverage under a CGL policy. See St. Paul Fire & Marine Ins. Co. v. Rosen Millennium, Inc., No. 6:17-cv-540-Orl-41GJK (M.D. Fla. Sept. 28, 2018). The court… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA Nevada federal district court has applied the “direct means direct” rule to conclude that losses an insured suffered from payment card chargebacks when certain employees made fraudulent charges on customers’ payment cards were only the “indirect” result of employee theft, and therefore not covered under the insured’s commercial crime policy. CP Food & Beverage,… Continue Reading
By Nathan Lovett on Posted in Cyber Policies and IssuesThe U.S. Court of Appeals for the Sixth Circuit, applying Michigan law, has held that the computer fraud provision of a commercial crime policy covers losses from wire transfers sent by the insured pursuant to fraudulent emails. American Tooling Ctr., Inc. v. Travelers Cas. & Sur. Co., 2018 WL 3404708 (6th Cir. Jul. 13, 2018).… Continue Reading
By Bonnie Thompson on Posted in Cyber Policies and IssuesThe U.S. Court of Appeals for the Second Circuit, applying New York law, has held that an email spoofing attack was covered under a computer fraud policy because the attack involved manipulating the insureds’ email system. Medidata Solutions Inc. v. Federal Ins. Co., No. 17-2492-cv (2d Cir. July 6, 2018)… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesThe United States Court of Appeals for the Eleventh Circuit, applying Georgia law, has affirmed a district court’s ruling that a fraudulent scheme using telephones to exploit a computer coding vulnerability in the insured’s system that ultimately led to a loss was not covered under a computer fraud provision in a commercial crime policy. Interactive… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA New York federal district court has ruled that two exclusions in a cyber risk policy barred coverage for a claim alleging violations of the Telephone Consumer Protection Act (TCPA). Flores v. ACE American Ins. Co., No. 17-cv-8674 (S.D.N.Y. Apr. 30, 2018). Among other rulings, the court held that the TCPA was not a “Privacy Regulation”… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesThe U.S. Court of Appeals for the Ninth Circuit has held that an exclusion for loss “resulting directly or indirectly from the input of Electronic Data by a natural person having the authority to enter the Insured’s Computer System” barred coverage under a Computer Fraud insuring clause for a business email compromise/fraudulent instruction scheme. Aqua… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA Colorado federal district court, applying Colorado law, has held that a claim against an information technology consulting firm arising from the firm’s alleged mismanagement of a project to replace its client’s systems did not involve “property damage” (including “loss of use”) under a CGL policy. Ciber, Inc. v. Federal Ins. Co., No. 16-cv-01957-PAB-MEH (D.… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA Florida federal district court, applying South Carolina law, has held that a claim arising out of a data breach alleging that an insured failed to safeguard personal information did not trigger personal and advertising injury coverage under a commercial general liability policy. Innovak Int’l, Inc. v. The Hanover Ins. Co., No. 8:16-cv-2453-MSS-JSS (M.D. Fla.… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA New Jersey federal district court has held that a commercial crime policy does not afford coverage for a loss caused by a fraudulent wire instruction scheme where an imposter, posing as the insured, directed the insured’s customer to pay receivables to the impostor’s account. Posco Daewoo America Corp. v. Allnex USA, Inc., No. 52:17-cv-00483-JMV-MF… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA Michigan federal district court has held that a fraudulent instruction loss caused by a social engineering scheme did not constitute a “direct loss” that was “directly caused by computer fraud” and therefore did not trigger computer fraud coverage under a commercial crime policy. American Tooling Ctr., Inc. v. Travelers Cas. & Sur. Co. of… Continue Reading
By on Posted in Cyber Policies and IssuesThe United States District Court for the Southern District of New York, applying New York law, has held that a cloud-based service provider’s loss resulting from fraudulent wire instructions is covered under a computer fraud and funds transfer fraud policy because the fraudulent email changed data in the provider’s computer system despite use of a… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesA Georgia federal district court has held that a fraudulent scheme using telephones to exploit a computer coding vulnerability in the insured’s system that ultimately led to a loss was not covered under a computer fraud provision in a commercial crime policy. Incomm Holdings, Inc. v. Great Am. Ins. Co., 2017 WL 1021749 (N.D. Ga.… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesThe United States Court of Appeals for the Ninth Circuit, applying California law, has held that a crime policy did not afford coverage for a loss caused by an insured’s initiation of wire transfers based on fraudulent email instructions. Taylor & Lieberman v. Federal Ins. Co., 2017 WL 929211 (9th Cir. Mar. 9, 2017) .… Continue Reading
By Leland H. Jones, IV on Posted in Cyber Policies and IssuesIn another win for an insurer represented by Wiley Rein, the United States District Court for the Middle District of Florida, applying New Jersey and Florida law, has held that the quality of services exclusion in a technology errors and omissions policy barred coverage for a claim that the insured negligently misrepresented the safety and… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and IssuesApplying Texas law, the United States Court of Appeals for the Fifth Circuit has held that a business email compromise loss involving social engineering did not “result[] directly from the use of any computer to fraudulently cause a transfer” and thus did not trigger Computer Fraud coverage under a commercial crime insurance policy. Apache Corp.… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and Issues,Wrongful ActAn Illinois intermediate appellate court has held that a cosmetic surgery center was not entitled to coverage because a claim alleging that it violated the Telephone Consumer Protection Act (TCPA) by sending unsolicited text messages advertising its services did not allege a “privacy wrongful act” under a “cyber claims endorsement” in a medical professional liability… Continue Reading
By Edward R. Brown on Posted in Cyber Policies and Issues,Wrongful ActA Utah federal district court has held there was no coverage under a technology E&O policy because an underlying complaint against two insureds alleged that they knowingly failed to provide certain customer information to the claimant, the insureds’ business customer, which did not qualify as an “error, omission or negligent act.” Travelers Prop. Cas. Co.… Continue Reading
