Estimated reading time: 3 minutes
As the cyber insurance industry grows, there are more and more claims, leading to more and more settlements, leading to an increasing number of lawsuits by “subrogees.” These are insurance companies that use the process of “subrogation” to assume their insured’s legal rights to pursue recovery of money paid by the insurance company in a claim settlement. For example, if a cyberattack causes a loss and the insurer pays the claim, the insurance company may seek reimbursement from the attacker or another liable part. The most recent example is Berkley Insurance Company, which recently filed a lawsuit as a subrogee in a Pennsylvania federal court.
Business Email Compromise (BEC)
Berkley seeks to recover more than $1 million it paid to its client, PPL Corporation, after an alleged business email compromise (BEC) breach. The incident traces back to August 2023 when a hacker infiltrated the email system of Alliance Systems Integrators, Inc., a service provider for PPL, and used the access to executive a fraudulent payment scam.
In this case, a key allegation is that Alliance missed its requirement to notify PPL within one day, or a reasonable period, that its email system had been compromised.
“After discovering the misdirected transfers, PPL submitted an insurance claim to Berkley Insurance Company under its commercial crime policy. Berkley evaluated the claim, determined that it was covered under the policy, and after application of the deductible, issued payment to PPL. In exchange for payment, PPL assigned to Berkley any and all of its rights, titles, interest, claims, causes of action, or rights of recovery arising from or relating to its loss to the extent of Berkley’s payment,” reported Insurance Business Magazine on September 8th.
Read the Complaint from Berkley
You can read the first few pages of Berkley’s legal compaint below. Remember, these are the plaintiff’s claims, do not include Alliance’s response, and have not been proven or disproven in court.
Related Posts
