One of the top issues facing business today is the risk of business interruption resulting from a cyber-related attack. Regardless of the form of attack – ransomware, denial of service, data theft, or other form of malware – any resulting failure of an organization’s network systems can have severe consequences, financial and otherwise. These may … Continue Reading
Recently, the Commonwealth Court of Pennsylvania gave policyholders another victory in the continuing battle with insurers over application of the “multiple trigger” doctrine. In Pennsylvania Manufacturers’ Association Insurance Co. v. Johnson Matthey, Inc., the Commonwealth Court held that the multiple-trigger approach – which expands the number of policies potentially available to provide coverage for long-tail … Continue Reading
The October 21, 2016 DDoS attack on the internet’s domain name system infrastructure underscores the need to consider cyberliability insurance coverage as a critical component of your company’s security and privacy breach response plan, and if your company carries cyberliability insurance, to ensure that your coverage will respond to a network business interruption, security breach … Continue Reading
In an encouraging development for insureds, the United States Court of Appeals for the Fourth Circuit held that a health care company’s general liability insurer was required to defend the company against claims stemming from an alleged failure to secure electronic medical records. In The Travelers Indemnity Co. of America v. Portal Healthcare Solutions, L.L.C., … Continue Reading
One year ago today, the Pennsylvania Supreme Court issued the first two of four important insurance-coverage law opinions that it would hand down in 2014 and 2015. Those four decisions – which address a number of topics including insurer bad faith, trigger of coverage, policy exclusions, and settlements and reservations of rights – significantly impacted … Continue Reading
Last week, the United States Court of Appeals for the Third Circuit issued a ruling that may make it more difficult for Pennsylvania policyholders to obtain coverage for the misappropriation of advertising ideas under standard commercial general liability policies. In The Hanover Insurance Company v. Urban Outfitters, Inc., No. 14-3705 (Oct. 23, 2015), the Third Circuit … Continue Reading
Businesses in the dietary supplement supply chain are taking cover after the New York Attorney General (NYAG) ordered four major retailers to cease and desist the sale and alleged mislabeling of certain herbal supplements. After genetically testing store-brand product samples of Ginko Biloba, St. John's Wort, Ginseng, Garlic, Echinacea, and Saw Palmetto, the NYAG alleged that the supplements were unrecognizable or contained substances other than those disclosed on their packaging labels. Class action lawsuits already have been filed, and the NYAG directed the targeted retailers to provide it with detailed information regarding the manufacturing, testing, and procurement of the herbal supplements, and announced that it may bring charges for alleged deceptive practices in advertising.… Continue Reading
On December 19, the U.S. Centers for Disease Control and Prevention (CDC) recommended that U.S. consumers not eat any commercially produced, prepackaged caramel apples and that retailers not sell or serve them as they continue to investigate an outbreak of listeria monocytogenes which has infected at least 28 people from 10 states. The CDC has yet to identify the producer of the contaminated apples. Accordingly, the number of market players in the supply chain who will be affected by this recommendation - from farms through supermarkets - remains unknown.… Continue Reading
A recent study reports that the median amount of time between a breach of a company's computer network and the discovery of the incident is 229 days. But some cyberliability policy forms require that both the breach event and discovery of loss (or resulting claim) occur during the policy period. So what happens when a breach is discovered three months into the policy period but, unbeknownst at the time, the intrusion actually occurred six months before, or even earlier? If your company's cyberliability insurance policy excludes breach events occurring before the inception of the policy period, the company could find itself without coverage for an otherwise-covered claim or loss.… Continue Reading
The evolving market for cyberliability insurance coverage reveals significant differences in the scope of coverage afforded under available policies. A coverage gap that may exist under some policies is for insider cyber attacks. While external attacks receive substantial news coverage, a recent study finds that businesses may be far less equipped to stave off attacks involving insiders: employees, vendors, suppliers and others who may have authorized access to critical or sensitive data.… Continue Reading