/  Cyber Blog   /  What Do Cyber Claims Look Like?
cyber insurance claims

What Do Cyber Claims Look Like?

Cyber Events are unique in that they are usually random – they tend to target any company, regardless of size or industry. Cyber Insurance losses/coverages are split into two categories: First-Party and Third-Party:

Cyber Coverage

Cyber Insurance Claims Examples

Social Engineering – Vendor Email Hacked

The controller for a distributor of component parts was responsible for making regular payments to overseas vendors from which the distributor purchased products for resale in the United States. After many months of working with one particular vendor and receiving regular shipments, the controller received an email that appeared to come from his vendor contact, indicating that the vendor’s bank was having issues with accepting payments, and asking if the next payment could be made to a new bank. Due to the vendor’s overseas location, verification was a challenge. After the supposed vendor applied some pressure, the controller paid the invoice via wire transfer.

The following month, when the real vendor realised that its best customer’s payment was overdue, an investigation determined that the vendor’s email had been hacked, and an imposter had been socially engineering the company into believing that the change in bank information was authentic. In the end, the fraudster stole almost $250,000 from the distributor through this cyber attack.

** This claims example has been provided by Chubb Insurance Company of Australia Limited **

Privacy Breach, Fines & Investigation (First Party & Third-Party Claim)

An IT company misplaced multiple drives that contained personal information for over one million customers. It was unknown whether the drives were lost, stolen or destroyed. The IT company was required to notify the affected individuals, as well as the privacy regulator. The regulator investigated the incident and fined the company for failing to have appropriate safeguards in place to protect customer information.

The company incurred legal fees of $1,000,000 in connection with the regulatory investigation and defending legal actions brought by affected customers and for the costs and expenses in notifying customers their personal information had been lost, stolen or destroyed. The company was also fined $75,000 by the privacy regulator. The total loss to the company exceeded $5,000,000.

This type of scenario triggers multiple Insuring Clauses under a typical Cyber Liability Insurance policy, including privacy fines and investigations.

Data Breach

Users of the Insured’s online network had reported that they had received spam emails from an individual they knew to be an ex-employee of the Insured, to a unique email address that they had created exclusively for use on the Insured’s website. Investigations confirmed that while working for the Insured, the ex-employee had access to the relevant customer databases and forensic IT investigations confirmed the data breach.

Steps were taken to ensure that the ex-employee deleted the data and signed an enforceable undertaking not to use the data in future. The quick action to contain the breach and engage with the regulator meant that the regulatory investigation could be responded to in a way that satisfied the regulator and the costs and risk could be contained.


A professional services company was affected by cryptolocker virus identified as the Lockey virus. A network of 20 computers were affected with users unable to access files, which had been encrypted. Investigations revealed the virus entered the computer network via an infected email attachment which had been inadvertently opened by an employee.

An IT specialist was approached to re-build and restore lost data from the back-up server. The IT costs involved in containing and recovering from the incident were claimed under the Cyber Insurance policy. No ransom was paid as a result of the data recovery efforts.

Employee Error (First Party & Third-Party Claim)

A retailer emailed a group of customers to promote a sale with special discounts available to them. The retailer intended to attach a copy of the flyer detailing the discounts but instead attached a copy of a spreadsheet that contained a customer list, including customer names, addresses and credit card information. The retailer was required to notify all affected customers of the error and offered credit monitoring services.

Several of the affected individuals began legal proceedings against the retailer. The notification costs and credit monitoring costs totalled $50,000, and the amount to settle the legal proceedings with the retailer’s customers combined with the associated legal costs and expenses totalled $100,000.

Most Cyber Risk Insurance policies provide coverage for breach of privacy which includes legal costs, indemnification of third parties and crisis management costs.

** This claims example has been provided by Chubb Insurance Company of Australia Limited **

DDOS – Distributed Denial of Service

An online service provided was hit by a Distributed Denial of Service (DDoS) attack – a type of cyber incident that can be covered by insurance. The DDoS attacks effectively starved the web site host system of resources by flooding it with malicious traffic and preventing legitimate customers logging on or accessing the website. Account Customers utilising the Internet, Mobile Phones and Mobile Apps were unable to log on, new users were unable to set up accounts.

A specialist forensic IT vendor was appointed to investigate and mitigate the attack. The incident involved serious disruption to the insured’s business and loss of income as a result of its website being down for approximately one week at one of the busiest times of the year. The Cyber Security Insurance policy responded to the costs of the IT investigation and remediation and the loss of profits suffered.

** These claims examples have been provided by AIG Australia Limited, Chubb Insurance Company of Australia Limited, and Insurance Australia Group Limited **

Have any questions?

Talk to one of our Cyber Experts today!

About KBI

We are a specialist insurance brokerage with an emphasis on adding value to our clients by helping them make an informed decision. Our approach combines that of an insurance broker and consultant, where we focus on providing expert advice to our clients while customising their insurance program and risk management solutions.

Since starting in 2013, KBI is constantly growing and becoming a leader in the Australian market. Our primary point of difference is that we don’t try to be all things to all people.  We work in niche areas, where we can tailor an offering, advice and broker support to meet the specific area’s needs.

tyler speers kbi
By Tyler Speers

Tyler Speers is an Account Manager at KBI with a focus on Cyber insurance.

Cyber Newsletter Sign Up

Want to keep up to date with all our latest Cyber Insurance news and information? Enter your email to be added to our mailing list.