Hunton Andrews Kurth LLP
  January 1, 2019 - United States of America

Year in Review: Top Insurance Cases of 2018

2018 was a busy year for courts deciding insurance coverage disputes. Many of those decisions will shape the coverage landscape for years to come. Policyholders enjoyed their fair share of the wins, including substantial victories in areas involving social engineering to disgorgement of corporate gain. We take this opportunity to reflect on some of the year’s most notable coverage decisions. 

Social Engineering

2018 was a banner year for decisions addressing losses resulting from social engineering phishing, spoofing and other schemes of trickery and deception. 

 

- 2nd Cir. Affirms Medidata’s Spoofing Loss is Covered Under Crime Policy’s Computer Fraud Provision. Medidata Solutions, Inc. v. Federal Ins. Co., 17-cv-2492 (2d Cir. July 6, 2018). 

In one of the most closely watched social engineering cases—we blogged about the early stages of this case in 2016 and 2017—the Second Circuit Court affirmed a district court’s summary judgment award in favor of Medidata Solutions, Inc., finding that the $4.8 million loss Medidata suffered after it was tricked into wiring funds to a fraudulent overseas account triggered coverage under a commercial crime policy’s computer fraud provision. The appellate court found that the entry of data into the computer system squarely satisfied the computer fraud provision, which affords coverage for loss stemming from any “entry of Data into” or “change to Data elements or program logic of” a computer system. The Second Circuit rejected the insurer’s argument that Medidata’s loss did not actually result directly from the spoofing attack, finding the actions of Medidata’s employees “[in]sufficient to sever the casual relationship between the spoofing attack and the losses incurred.” The Second Circuit declined Federal’s request for reconsideration. 

 

- Second Major Policyholder Win For Social Engineering Schemes. American Tooling Center, Inc. v. Travelers Casualty and Surety Co. of America, No. 17-2014, 2018 WL 3404708 (6th Cir. July 13, 2018). 

On the heels of the Second Circuit’s decision in Medidata, the Sixth Circuit reversed the district court’s grant of summary judgment in favor of the insurer in a dispute where American Tooling lost $800,000 after a fraudster’s email tricked an American Tooling employee into wiring that amount to the fraudster. In rejecting the district court’s finding that coverage under the insurance policy for computer fraud did not apply because the loss was not “directly caused” by computer fraud, the Sixth Circuit found that the loss was an immediate and proximate result of the fraud because American Tooling immediately sustained harm the moment it transferred the money as a result of the fraudulent email. Notably, the Sixth Circuit rejected Travelers’s request for reconsideration of the ruling.

 

The Medidata and American Tooling cases continue to mark the breadth of coverage available to policyholders under commercial crime policies for social engineering and other computer-related fraudinduced losses. The decisions also help overcome the false distinction that insurers have tried to maintain between a computer hack-type event and a social engineering intrusion, both of which necessarily entail accessing the target’s computer systems or data and manipulating those systems in a fraudulent manner. 

To continue reading the full article please click HERE.




Read full article at: https://www.huntonak.com/images/content/5/5/v2/55492/top-insurance-cases-2018.pdf