Cyber Claims Examples from Small Businesses

Where cyber insurance steps in

Today we take a look at how some small to medium Australian businesses responded and recovered from various cyber events and how their insurance was able to assist. In the past 12 months the majority of all cyber attacks against Australian businesses were targeted at small to medium size businesses. Many owners have heard the buzzwords and have seen the major international incidents on the news but haven’t seen relatable cyber claims from Australian businesses.

Eye Surgery Clinic

• 2 Locations
• 15 Employees
• $8 million turnover

Incident

An employee opened an email attachment which contained ransomware,  causing the Insured to lose access to their network of digital patient records. The cyber criminals demanded ransom payment in Bitcoin of approximately $6,000 at the time of writing. Both practice’s were able to continue trading however at greatly reduced efficiency as they had not used paper records for accepting and treating patients in years. Despite having access to some paper filing, the business was not able to raise invoices as this is part of a paperless system. Forensic Investigators were able to recover the vast majority of data and restore the paperless system.

Outcome

$126,000 in forensic IT expenses, First Party damage and lost work hours.

Law Firm

• 1 Location
• 55 Employees
• $20 million turnover

Incident

An unknown organisation gained access to a law firm’s network and may have gained access to sensitive client information, including a public company’s acquisition target, another public company’s prospective patent technology, the draft prospectus of a venture capital client, and a significant number of class-action lists containing plaintiff s’ personally identifiable information (PII). A forensic technician hired by the law firm determined that malware had been planted in its network. Soon after, the firm received a call from the intruder seeking $10 million to not place the stolen information online.

Outcome

The law firm incurred $2 million in expenses associated with a forensic investigation, extortion-related negotiations, a ransom payment, notification, credit and identity monitoring, restoration services and independent counsel fees. It also sustained more than $600,000 in lost business income and extra expenses associated with the system shutdown.

$2.6 million total costs

Help protect your business with cyber insurance.

Get a quote today!

Raw Materials  Manufacturer

• 1 Location
• 28 Employees
• $7.5 million turnover

Incident

The Insureds system was hacked via an email they received carrying a Ransomware virus. The virus prevented them from having any access to emails and their network. The criminals held the clients system to ransom and would only release files if the client paid $12,500. The fact that the client had numerous file shares and common storage areas made their system particularly vulnerable to attack and made it easy for the ransomware to encrypt nearly every file in their system.

Outcome

$12,500 in ransom costs plus an additional $25,000 in IT expenses related to diagnosing the problem, decommissioning the old servers and installing a new network.

Hardware Store

• 1  Location
• 20 Employees
• $5 million turnover

Incident

An employee at a hardware store ignored internal policies and procedures and opened a seemingly innocuous file attached to an email. The next day the hardware store’s stock order and cash registers started to malfunction and business trade was impaired as a result of the network failing.

Outcome

The hardware store incurred over $100,000 in forensic investigation and restoration services. They also had additional increased working costs of $20,000 and business income loss estimated at $50,000 from the impaired operations.

$170,000 total costs

Health Clinic

• 1 Location
• 7 Employees
• Turnover: unknown

Incident

A small health clinic discovered that an unauthorised third party had gained remote access to a server that contained electronic medical records. The third party posted a message on the network stating that the information on the server had been encrypted and could only be accessed with a password that would be supplied if the insured made a “ransom” payment. The insured contacted law enforcement and working with law enforcement, determined that the payment ($2,500) should be made. The payment constituted cyber extortion monies under the policy. Furthermore loss of business income amounted to $65,000 and IT forensic costs of $5,000 were paid in accordance with the coverage provided by other sections of the policy.

Outcome

$72,500 in ransom, forensic IT and lost business income costs

Help protect your business with cyber insurance.

Get a quote today!

Conclusion

Regardless of staff size, turnover or industry, all businesses have a possible exposure from the ever increasing reliance on information technology. From most reports it is only a matter of time rather than a matter of being secure or not.

More cyber claims examples each month

Thanks to DUAL, Chubb and LUAW for their claims examples.