The local news is not good for broadcaster Sinclair Inc. (Nasdaq: SBGI), a Fortune 500 company known for the 185 television stations it owns or operates across the US. The company is suing two of its cyber insurance providers, claiming the Continental Casualty Company (or “CCC,” the principal subsidiary of CNA) and Starr Indemnity & Liability each owe the company $10 million in claims stemming from a 2021 ransomware attack. [Check out our related post for inside details and excerpts from the suit, first filed in a Maryland state court in September before being moved to Maryland’s US District Court last month.]
Sinclair is none too happy. “We aren’t going to comment on ongoing litigation; however, we are disappointed that these insurance companies are refusing to honor their coverage obligations unlike other insurers on the same program who covered their portion of our loss,” a spokesman told the Wall Street Journal (paywall may apply). The Journal reported that CCC/CNA and Starr did not respond to requests for comment.
The dispute involves business interruption costs Sinclair incurred after it was hit by a ransomware attack in October 2021 (a year of brutal losses for cyber insurers due to a wave of ransomware attacks). According to Sinclair, the attack reset the passwords of some 10,500 users, encrypted the system’s administrative console and took about a month to resolve. Sinclair’s forensic accountants, Matson Driscoll & Damico LLP (MDD), concluded the hack caused more than $70 million in losses.
The broadcaster had $50 million of cyber insurance via five separate but related “layered” insurance policies that were to pay off one after another (“follow-form policies”) until Sinclair’s claims were paid or the $50 million limit was reached. Axis Insurance wrote the primary policy and paid the first $10 million, followed by the QBE Insurance Group and Philadelphia Indemnity, which each paid their $10 million layers. But when it came time for CNA and Starr to each pay their $10 million layers, they refused.
CCC/CNA said that based on final analysis from its experts at Lowers Forensics International (“Lowers”), Sinclair’s losses were actually about $10.8 million, meaning that after Axis, QBE and Philadelphia paid their layers, no more money was due to Sinclair under the policies. Starr in effect has said in court filings that it doesn’t owe anything until CNA pays its layer and that, in any event: “Coverage under the fourth-layer Starr Policy ($10 million excess of $40 million) is not available because Sinclair did not incur lost net profit in excess of $40 million as a result of its claim.”
Sinclair begs to differ. It claims Lowers originally estimated the losses were around $42 million for just one of Sinclair’s business units and CCC/CNA initially agreed it was on the hook for its $10 million layer.
“On January 31, 2023, CCC’s representative assured Sinclair’s broker that CCC’s payment would ‘absolutely happen [on] February 22d and then we should be able to [over]night a check on that same day,’ that ‘I’m told by my manager who I just spoke with earlier today’ that payment would be by overnight check not wire ‘for this $10 million payment that we plan to make,’ and ‘I also want to reassure that the delay on our end is nothing to do with any sort of issue with the amount…. we’re not questioning the amount,’ and ‘it’s the expectation that it’s our . . . full $10 million limit,'” according to legal filings by Sinclair.
But the check never arrived. According to Sinclair, CCC/CNA “went silent” for months before coming back with that much lower loss estimate of app. $10.8 million and stating that it therefore did not owe its $10 million layer (meaning that Starr, next in line, also did not owe anything.) CCC/CNA admits it “engaged in conversations with Sinclair’s broker while in the process of investigating Sinclair’s claim and developing its coverage position,” but denies those discussions “fully support the allegations” in Sinclair’s complaint. CCC/CNA denies it owes Sinclair its $10 million layer.
Ironically, Philadelphia Indemnity hired experts J.S. Held later in the process to review Sinclair’s losses, but Philadelphia never tried to get out of paying its $10 million layer, which could indicate Philadelphia concluded the losses were indeed higher than the $10.8 million asserted by CCC/CNA.
Other News: Oops: Radiologists Sue Broker Over Lapsed Cyber Insurance Policy(Opens in a new browser tab).