to replace tens of millions of defective airbags made by supplier Takata. The National Highway Traffic Safety Administration has called it the largest and most complex safety recall in U.S. history. Product liability litigation is usually complex and expensive for all parties. A particular burden on defendants is pre-trial discovery in meeting plaintiffs’ requests for documentation. February 2015: One of the largest-ever data breaches is discovered at a major U.S. health care insurance company. The incident exposed more than 80 million patient and employee records, including those of customers living outside the United States. The malware identified in the cyber attack was associated with malicious programs originating in China. In addition to incurring costs for forensic investigations and breach notification, the insurer also faces numerous lawsuits alleging, among other, things, failure to adequately protect its data systems, failure to timely notify customers of the data breach and economic losses including paying for services that should have included protecting personally identifiable information. A judge in February 2016 dismissed certain of the claims but allowed many to proceed. The size of the consolidated class and the theories of liability could well influence future data breach litigation. Adding to the company’s reputational impairment were opportunistic “phishing” attempts to direct affected customers to fraudulent websites after the breach. Costs related to the breach reportedly are expected to total tens of billions of dollars. An evolution of cyber risk that Clyde & Co partners have observed, especially in the past year, is the rise of cyber crime and increasing sophistication of social engineering using technology. For example, some cyber criminals are hacking e-mail and voice-mail systems to fraudulently direct the transmission of funds outside the victimized organization. Traditional crime insurance policies generally exclude voluntary parting of funds, yet the evolution of sophisticated cyber extortion schemes is creating a new source of economic loss, which is what crime insurance is intended to cover. Similarly, business interruption can be as severe from a cyber incident as from a natural disaster, yet a cyber incident typically does not result in a physical loss. Property business interruption policies are designed with a direct or contingent physical loss as the coverage trigger,
yet cyber business interruption is now a serious exposure for a growing number of organizations. As a result, the insurance industry has an opportunity to innovate its products and services to reflect this evolving nature of risk. Working with a law firm that understands the evolution of risk can help insurers to develop new products that capitalize on emerging needs and avoid taking risks where insurers do not intend to do so. The above examples illustrate the web of uncertainty woven by unexpected events. The strands can be much longer and more intricate extending out from the location where the event occurs. From an insurance perspective, property and liability losses can take some time to develop, especially where supply chain disruption and consequential business interruption are involved. Resulting regulatory investigations and penalties as well as third-party litigation further complicate the risk exposure for affected businesses.
2015 Distaster Losses 13% of overall disaster losses were manmade, representing $12 billion vs. $80 billion in natural disasters Source: Swiss Re
3
Made with FlippingBook HTML5