Hunton Andrews Kurth Insurance Recovery Team secured a win for a regular customer, The Children's Place ("TCP"), to receive a judgment from a New Jersey federal court in The Children's Place, Inc. vs. Great Am. Ins. Co. 2019 WL 1857118 (DNJ April 25, 2019), where the court allowed TCP to apply for insurance cover for a "social technology system" which deceived the company $ 967,714.29.
TCP became the victim of a hacker who modified electronic documents to trick TCP into believing that it was paying their supplier for real invoices. However, if you were not familiar with TCP, the hacker, via fake e-mails, had a smooth letter and a modified "vendor form", actually provided TCP with the hacker's payment account. The hacker succeeded in his system by infiltrating the parties' e-mail services and intercepting e-mail messages between TCP and the seller.
After learning the fraud, TCP sought insurance coverage under its law enforcement policy with the Great American Insurance Company ("GAIC"). TCP presented claims under three separate covers ̵
After GAIC moved to reject, the court decided that TCP could seek coverage under the policy's fraud prevention, which covers "loss arising directly from the use of any computer to emulate you … employee employee ]] to get direct access to your computer system … and thereby fraudulently causing the transfer of money … from premises or bank premises to a person, entity , place or account beyond your control. "
The Court rejected both GAIC's arguments as to why the coverage of computer fraud would not apply. First, the court rejected GAIC's assertion that the hacker "did not get direct access" to a computer system. In view of Medidata the court held that the hacker's access to TCP's e-mail system and insertion into TCP's e-mail conversation is a direct access to TCP's computer system. Secondly, the court rejected the GAIC's claim that the hacker did not fraudulently caused the transfer of money.
TCP serves as a reminder that people and companies with cybercrime must ensure that they have appropriate comprehensive crime and cyber policies that are carefully tailored to the policyholder's specific cyber risks. Policyholders must also ensure that they endeavor to meet the requirements of covering them and to be prepared to question the insurer's refusal or limitation of coverage, especially when the insurer claims that a technical tint has not been met.
TCP is represented by Walter Andrews, Joshua Paster and Daniel Hentschel.