As an update to our March 8, 2022 blog post discussing coverage for phishing scams in the context of Ernst & Haas Mgt. Co. v. Hiscox, Inc., 23 F.4th 1195 (9th Cir. 2022), a new Alaska case relied on Ernst & Haas to find...more
The Fifth Circuit has affirmed a district court ruling that a crime policy’s Computer Transfer Fraud coverage did not apply to losses incurred in connection with an email phishing scam. See Mississippi Silicon Holdings LLC v....more
A computer hacker may engage in malicious and criminal conduct, but that doesn’t mean that the conduct is “fraudulent.” In G&G Oil Company v. Continental Western Ins. Co., 2020 Ind. App. LEXIS 126 (Ind. Ct. App. Mr. 31,...more
Media outlets recently reported that Barbara Corcoran, one of the judges on the popular ABC show “Shark Tank,” was the victim of a “spear phishing” scam. See, e.g.,...more
This week, in Crown Bank JJR Holding Company v. Great American Insurance Company, 2020 U.S. Dist. LEXIS 23136 (D.N.J. Feb. 11, 2020), the New Jersey federal court held that loss from mis-wiring bank funds as a result of a...more
It is an all-too-common dilemma. As phishing schemes have become more prevalent and more sophisticated, businesses of all sizes have fallen victim to these attacks where a fraudster will use a spoofed email or other deceptive...more
Last week, the Vermont Supreme Court in Rainforest Chocolate, LLC v. Sentinel Insurance Company, 2018 VT LEXIS 240 (Vt. Dec. 28, 2018), held that the “False Pretense” exclusion in a business-owner policy did not exclude loss...more
Cyber incidents can take many forms—phishing, insider theft, SQL injection, malware, denial of service, session hijacking, credential farming, or just old fashion “hacking.” Although many of these attack vectors employ...more
In this month's Privacy & Cybersecurity Update, we examine recent trends and court decisions, including a new law in Ohio that provides a safe harbor from tort-based data breach claims if the company adopts certain security...more
Fraudsters deploy different computer-related techniques but toward the same end – “gaming the system” for their own financial gain. Some victims turn to insurance for recovery. Four recent federal appellate decisions reveal...more
Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please...more
In this month's edition of our Privacy & Cybersecurity Update, we examine Brazil's new data protection regulation, the French data protection authority's warning to two companies of potential GDPR violations and the U.S....more
As the number and sophistication of social engineering attacks increases, victims are examining their insurance policies to see if they are covered. In The Brick Warehouse LP v. Chubb Insurance Company of Canada, 2017 ABQB...more
In this month's edition of our Privacy & Cybersecurity Update, we examine California's new sweeping privacy law, two U.S. agencies' report on "botnet" threats and the European Parliament's call to suspend the Privacy Shield....more
On insurance coverage issues, sometimes the boat seems to be listing in the wrong direction. For example, insurers have long tilted the decks to avoid coverage for “spoofing” attacks and similar kinds of email fraud by...more
For the second time in ten days, a federal appeals court ruled a crime insurance policy provides coverage for losses arising from a business email compromise. In American Tooling Center, Inc. v. Travelers Casualty and Surety...more
“Phishing” is a scheme in which criminals use spoofed e-mails, copycat websites, or other deceptive communications to trick unwitting companies or individuals into sharing valuable personal information or into wiring money to...more
Scams from business compromise emails (BECs) have been labeled by the FBI as a “$5 billion” problem. Sometimes known as “CEO Fraud,” BECs are where an email, purportedly coming from a high-ranking company official or vendor,...more
Remember the “good” ol’ days when the run-of-the-mill theft involved someone physically taking something tangible? That is so 20th century. Now, thieves and fraudsters are able to use computers and the internet to carry out...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the EU's General Data Protection Regulation going into effect despite some member states lacking in local necessary legislation, a pair of U.S. states'...more
On April 16, 2018, Beazley Group issued a report highlighting increased attacks on Microsoft’s cloud-based business products and services. The report stated that successful attacks typically are achieved by tricking employees...more
In this month's edition of our Privacy & Cybersecurity Update, we discuss all 50 states now having data breach notification laws, state attorneys general and their opposition to a federal data breach notification law, the FBI...more
Due to the dramatic increase and changing nature of cyber risks, mergers and acquisitions due diligence should expand to address cyber risks, available risk mitigation practices, and available insurance. Acquiring companies...more
In this month's edition of our Privacy & Cybersecurity Update, we discuss the Article 29 Data Protection Working Party's critique of the Privacy Shield and the Sixth Circuit's decision to consider the issue of computer fraud...more