First reported yesterday by Michael Levine, Tesco Bank (owned by Britain's largest retailer) stopped online transactions on Monday after hackers stole money from 9,000 accounts. Tesco Bank has started repayments, whose total cost will exceed $ 3 million. Experts estimate that the biggest hit to the bank will be in the form of reputation for reputation.
The bank's financial losses and reputation losses should be covered by a comprehensive insurance system that addresses the most common risks to financial institutions: hacking, social technology, and ransomware. However, many policyholders have struggled to secure negotiations ̵
Ex. Courts are divided on whether the emails usually included in the social technology systems are the "direct" cause of the loss necessary to trigger reporting. Compare State Bank of Bellingham v. BancInsure, Inc. 823 F.3d 456, 460 (8th Cir. 2016) (coverage where a third party's criminal use of malware was "directly" the cause of the loss) with Apache Corp. v. Great Am. Ins. Co. no. 15-20499, 2016 WL 6090901 (5th October 18, 2016) (no covers where e-mail was only a temporary part of the system and thus was not a "direct" cause of the loss) and  Universal Am. Corp. v. Nat Union Fire Ins. Co., Pittsburgh, Pa. N.Y.3d 675, 682, 37 N.E.3d 78 (2015) (third party use of computer systems to submit fraudulent claims not directly cause of loss); see also Medidata Solutions Inc. v Federal Insurance Co. No. 1: 15-cv-00907-ALC (SDNY, September 9, 2015) (the insurer claims on the basis of summary that this policy did not include socially technical losses where fraudulent emails resulted in a voluntary transfer of funds).
Also, losses assumed to be covered cannot be. For example, we have reviewed popular cyber policies that lack cover-to-back coverage to restore system access, a growing financial sector concern.
And even when there is coverage, the sector may risk being replaced by insurers due to representations made in insurance applications. These applications often ask about the applicant's cyber protection. But almost 34 percent of financial corporations are not aware of whether they have been exposed to a cyber attack and 22 percent have no sense if the attacks on their business are increasing or decreasing. Lack of knowledge and accidental erroneous information about cyber protection and attack history can be used against insured persons to avoid coverage. See, for example, HJ Heinz Company v Starr Surplus Lines Insurance Company No. 15-cv-0631 (WD February 1, 2016) (appeal) (revocation coverage for $ 25 million in business interruptions losses due to insured had made unintentional materially inaccurate information on claims history in the insurance application.
To protect against these risks, financial institutions should cooperate with knowledgeable brokers and experienced coverage advisors. with the right cover, to protect against cyber crime.