Hunton Insurance Recovery Blog

The explosive growth of representations and warranties (R&W) insurance over the last decade is no secret.  But, for many, R&W insurance remains an enigma, particularly as respects filing a claim under such policies.  Indeed, even those involved in buying R&W insurance may not have experience on the claims end and, as a result, possess little knowledge on how to navigate the assortment of issues that may arise.  Of course, policyholders pursuing a claim under an R&W policy should be aware of the minefield of issues that await in establishing the two primary thresholds to recovery: breach ...

The head of Hunton Andrews Kurth’s insurance practice, Walter Andrews, was interviewed earlier this week by ABC 7 (WJLA) concerning the need for cyber insurance and the benefits that it can provide to government contractors and other businesses that are impacted by a cyber event.  Andrews explains the diverse spectrum of benefits that are available through cyber insurance products, but cautions that a serious lack of uniformity exists among today’s cyber insurance products, making it crucial that policyholders carefully analyze their cyber insurance to ensure it provides the scope and amount of insurance they desire.

In what has been described as a “watershed” cyber incident, hackers recently used sophisticated malware—dubbed Triton—to take control of a key safety device installed at a power plant in Saudi Arabia. One of the few confirmed hacking tools designed to manipulate industrial control systems, this new breach is part of a growing trend in hacking attempts on utilities, production facilities, and other critical infrastructure in the oil and gas industry. The Triton malware attack targeted the Triconex industrial safety technology made by Schneider Electric SE. The attack underscores the importance of mitigating this and other similar risks through cyber and other traditional liability insurance as part of a comprehensive cybersecurity program.

The U.S. District Court for the Middle District of Florida, in Innovak International v. The Hanover Insurance Co., recently granted summary judgment in favor of Hanover Insurance Company finding that it had no duty to defend Innovak against a data breach lawsuit. Innovak, which is a payroll service, suffered a breach of employee personal information, including social security numbers. The employees then filed suit against Innovak alleging it had negligently created a software that allowed personal information to be accessed by third parties. Innovak sought a defense for the lawsuit from its commercial general liability carrier, Hanover Insurance Company. Innovak argued that the employee’s allegations triggered the personal and advertising injury coverage part of the policy, which covers loss arising out of the advertising of the policyholder’s goods or services, invasion of privacy, libel, slander, copyright infringement, and misappropriation of advertising ideas. The court disagreed and found the employees’ allegations did not involve a publication that would trigger coverage under the commercial general liability policy.

A recent article published by Securityroundtable.org highlights the vulnerabilities businesses face in a world of e-commerce and interconnectivity, and how proper planning through a tailored cybersecurity program that includes - among other components - appropriate insurance coverage for cyber risks can help prevent a successful attack and mitigate the financial impact should one occur. Whether the issue is prevention or risk mitigation, cybersecurity should be at the top of the corporate agenda. As discussed in the Securityroundable.org article, Lisa Sotto, chair of the ...

Earlier this week, HBO announced that it had suffered a "cyber-incident" involving the compromise of "proprietary information" that reportedly includes forthcoming episodes and scripts from popular HBO shows such as Game of Thrones. The HBO breach is the most recent in a growing list of cybersecurity issues faced by Hollywood studios this year. In an e-mail to HBO employees, CEO Richard Plepler called the cyber attack "disruptive, unsettling and disturbing."