A federal appeals board upheld a lower court decision in favor of a Starr Insurance Cos. Unit Friday in a dispute over the interpretation of a cyber policy in connection with an apparent phishing system.
In June 2017, Starr Surplus Lines Insurance Co. issued a "Security & Privacy Response Policy" to Alorica Inc., an Irvine, California-based customer service company, which provided up to $ 10 million in coverage with a $ 500,000 retention, according to legal documents in Alorica Inc. v Starr Surplus Lines Insurance Co.
Between October and December 2017, an unknown party infiltrated Alorica's email system, presumably through a phishing scam, urging Alorica customers to transfer payments to their own accounts, according to court documents.
These clients included St. Louis-based Express Scripts Holdings Inc., which in response to emails, linked $ 4.8 million to Alorica to a fraudulent account.
In a letter dated September 28, 201
After Starr informed Alorica that the issue did not trigger a claim under its coverage, Alorica sued the insurer at the U.S. District Court in Pasadena on charges of breach of contract and breach of the union in good faith and fair trade.
The lower court ruled in Starr's favor and was upheld by a unanimous three-judge appellate court. The Express Scripts letter does not fall within the definition of a requirement under the policy, the appeals panel said.
'In the relevant part, the policy defines a' claim 'as a' written demand for monetary or non-monetary relief. "Express's letter does not fall within that definition," it said.
Lawyers in the case did not respond to a request for comment.
In February, a federal district court in Dallas ruled that American International Group Inc. and Beazley PLCs were not required to compensate a property management company for money lost in a phishing system because it never technically contained the stolen funds.