Liability coverage usually is purchased by businesses with concerns about personal injuries caused by conventional risks like vehicle accidents involving employees, falls on the premises of the business and product liability issues. However, cyber liability and data breaches have become increasingly common, so insurance coverage for accidental breach of cyber data is important. This blog post provides an overview of the severity of the risk and the nature of such claims for businesses considering their commercial liability needs based on a recent industry study.
Although major security data breaches involving Target, Sony and other large companies have become commonplace in the news, loss claims for breach of customer information is not limited to the few high profile cases that dominate the news. Approximately 16 million confidential records were exposed during an estimated 662 security breaches during 2010 according to Identity Theft Resource, a national nonprofit organization. The cost to businesses of security breaches was staggering with the average loss valued at $2.4 million. The average cost of defense against liability of these claims was $500,000 with $1 million constituting the average settlement or judgment to settle a claim.
The study also revealed the types of data usually involved in data breach claims. Approximately half of the incidents involved unauthorized disclosure of personally identifiable information (PII). Three out of every four of these claims included theft or inadvertent disclosure of credit card information. The authors of the study warn that retail businesses tend to be at a greater risk because their PII data is not always protected by encryption and firewalls. The other category of data loss that frequently is the subject of insurance claims involves personal health information (PHI). This form of data loss comprised 21 percent of breach incidents in the study.
Three sources of data breaches account for 95 percent of all data breach incidents in the study: (1) rogue employees, (2) theft/loss of equipment, and (3) hackers. Data breaches involving unauthorized disclosure or pilfering of private information by current or former employees accounted for almost one in five data breach incidents. This cause of data loss is expected to rise because of continuing tough economic conditions and the relative ease with which employees can sell stolen personal information. Data breaches from theft or loss can occur when employees lose laptops, hard copy records or thumb drives. Lost or stolen equipment constituted the basis for 15 percent of all data breach incidents in the study. Hackers are the most significant cause of data breach events and account for 32 percent of such incidents. Further, this source of data breach is the cause of 75 percent of unauthorized disclosure of private records.
You can reach Miami Insurance Claims Lawyer J.P. Gonzalez-Sirgo by dialing his direct number at (786) 272-5841, calling the main office at (305) 461-1095, or Toll Free at 1 (866) 71-CLAIM or email Attorney Gonzalez-Sirgo directly at [email protected].