Hacked Company Loses Insurance Battle Over Customer Payment Scam
Hacked Company Loses Insurance Battle Over Customer Payment Scam
The information on this website is general in nature and does not take into account your objectives, financial situation, or needs. Consider seeking personal advice from a licensed adviser before acting on any information.
A company recently faced a significant setback after losing an insurance claim dispute related to funds stolen in a fraudulent email scheme.
Cybercriminals infiltrated the business's email system, sending out fake invoices that directed clients to pay into a bogus bank account.
Consequently, two customers inadvertently transferred a total of $66,148 to the fraudulent account.
Attempts to retrieve this money were unsuccessful, and the customers refused further payments to the company.
The company, holding a management liability insurance policy, sought to claim under its third-party crime coverage to recover the outstanding bills from the customers. However, AIG Australia denied the claim, stating that the policy only addressed "direct financial loss" from theft or fraud by a third party, and argued that since the stolen money belonged to customers, the business itself did not suffer a direct loss.
The Australian Financial Complaints Authority (AFCA) reviewed the case and acknowledged the company's loss. However, it determined that the loss did not align with the policy's specific terms. The ruling emphasized that only the company's customers faced direct financial loss, whereas the company experienced an indirect one due to subsequent non-payments.
The AFCA explained that the hack did not meet the company's policy definition of theft, as the stolen funds belonged to the customers, not the business. This discrepancy meant that the policy's electronic and computer crime coverage was not applicable. Additionally, the policy's criteria for "fraudulent act," which required acts of forgery or counterfeiting the insured had acted upon, were not met since the company was unaware of the false invoices.
This case highlights the critical distinction between direct and indirect financial losses in insurance claims, emphasizing the importance of understanding policy terms. For businesses, particularly those prone to cyber threats, it underscores the significance of having insurance coverage that appropriately addresses loss scenarios stemming from such events. It also serves as a cautionary tale of the complexities involved in recovering from cybercrime attacks without adequate protection.
Moving forward, businesses should ensure robust cybersecurity measures to prevent similar email hacks, coupled with clarifying insurance policies for adequate coverage against indirect financial losses as a result of customer fraud. This scenario may lead insurance providers to reevaluate their product offerings, potentially driving the development of more comprehensive cybercrime coverages. Additionally, the financial sector might witness increased discussions on how to formulate clearer policy definitions that align with the evolving nature of cyber threats.
Please Note: We do not endorse any specific products or companies. Some content is sourced from third parties, including press releases, and may not be independently verified for accuracy or completeness.
HESTA, a leading Australian superannuation fund, has announced a significant reduction in insurance fees, averaging 12% across all cover types. This change is set to take effect from 1 July 2026 and is part of a broader initiative to make insurance more accessible and affordable for its members. - read more
The Australian government has unveiled plans to significantly reduce the growth of the National Disability Insurance Scheme (NDIS), aiming to save $36.2 billion over the next four years. This decision marks the largest single savings measure in the 2026 federal budget. - read more
As 2026 unfolds, Australian insurers have identified three primary challenges: rising premium costs and shrinking insurability, ongoing cyber and data risks, and increasing difficulty in hiring and retaining skilled workers. These insights are drawn from industry feedback cited in Gallagher Bassett’s upcoming report, 'The Carrier Perspective: 2026 Claims Insights.' - read more
Comprehensive insurance is a type of coverage that protects your trade business from various risks and unforeseen events. It typically includes an array of policies that cover different aspects of your business operations. - read more
Running a small trade business in Australia involves various risks, from accidental property damage to unexpected injuries on the job. These unforeseen events can lead to significant financial losses, which might be challenging for smaller enterprises to absorb. That's where comprehensive insurance comes into play. - read more
Public liability insurance is a type of cover that protects businesses and their owners from the financial risks of liabilities that may occur due to damage or injury to a third party. For tradies in Australia, this insurance is crucial due to the nature of their work environment. Working on various sites and handling different tasks increases the likelihood of accidents happening, which makes this type of insurance not only relevant but essential. - read more
Knowledgebase
Policyholder: The individual or entity who owns the insurance policy.
No comments yet. Be the first to share your thoughts.