Last month, the U.S. Court of Appeals for the Sixth Circuit affirmed a district court holding that the computer fraud rider to a retailer’s Crime Policy covered losses resulting from the theft of customers’ financial information by computer hackers. Retail Ventures, Inc. v. Nat’l Union Fire Ins. Co. of Pittsburgh, Pa., No 10-4576/4608, 2012 WL 3608432 (6th Cir. Aug. 23, 2012). The retailer incurred millions of dollars in expenses and attorney fees related to a data breach in which computer hackers stole customers’ credit card and bank account information. The retailer submitted a claim for the losses under the computer fraud rider to its Blanket Crime Policy, which the insurer denied because the policy excluded third-party theft of “proprietary” or “confidential information.” The retailer filed suit and prevailed on summary judgment. On appeal, the court upheld the district court’s application of a proximate cause standard to determine that the losses were covered as losses sustained as a direct result of the theft. The court also rejected the insurer’s argument that the losses were excluded as losses of “proprietary or confidential information” because the retailer did not “own or hold single or sole right” to the stolen information and the information did not relate to the manner in which the business operated.