Cyber Risks Insurance - Alorica, Inc. v. Starr Surplus Lines Insurance Company (2021)
The US Ninth Circuit Court, on 9 April 2021, held that a victim of a phishing attack was not entitled to cyber coverage for an outstanding debt erroneously paid by its client to hackers pursuant to an impersonated email request for payment.
Hackers impersonated the insured and asked in emails to the insured's clients to send funds to fraudulent bank accounts. One client transferred over US$4.8m and, after, sent a letter to the insured refusing to make any payments for the debt still owed to the insured. The insured requested insurance coverage for the debt.
The Security & Privacy Risk Response Policy defined a covered 'claim' as a "written demand for monetary or non-monetary relief". The Ninth Circuit Court held that there was no coverage since there was "no case in which the refusal of another's demand, without more, has been held to constitute a demand."
Comment - Policyholders must consider their cyber risks coverage requirements in careful detail to ensure the most likely types of cyber risk exposures are covered.
To download a PDF copy of the Memorandum of decision, please Click Here
By Celso De Azevedo
Tel: +44 (0)20 7421 80512
Celso De Azevedo is a highly experienced international cyber, reinsurance and commercial dispute resolution barrister and qualified New York Attorney. He is regarded as a leader in the fields of high value international litigation and arbitration.