New Way at Access a Data Breach Coach

When a cyber incident hits your real estate agency you need to move quickly to help reduce the damage caused by the bad actor. The 1st step is always to contact a Data Breach Coach for your cyber liability insurance policy. There are 2 ways to do this for active PBI Group cyber liability clients who have the Chubb/ACE policy.

#1) The 24/7 telephone number:  1 (844) 739-7754 which goes to a staffed call center of cyber reporting specialist.

Or

#2) Chubb’s new Cyber Alert mobile application which gives you 1 button access to a cyber reporting specialist who calls you back immediately and captures your information about the incident and begins to marshal the resources to assist.

Both approaches get you to the same Data Beach coach team to provide guidance and help but from our experience, it is faster to use the Cyber Alert app for more immediate contact.  Don’t wait if you think you have a cyber incident happening, make contact now.

Links to app download from the stores: AppleAndriod

Digital Property Replacement Coverage

Digital Property Replacement is a subset of the Breach Rectification coverage of the cyber liability policy that PBI Group recommends. This section covers the replacement of software, data and hardware which has been destroyed because of a network breach of your IT systems. A good example is your email system which could be corrupted during a breach and now users no longer have access to their emails. Below are excerpts from the policy and some commentary to help understand what is covered and not covered in this nuanced section.

 “Digital Property Replacement means those reasonable and necessary costs incurred to replace, restore, or re-collect Digital Property from written records or from partially or fully matching electronic data records due to their alteration, corruption or destruction caused by a Network Security Failure. This shall include Network Security Failure Investigation Expenses; however, in the event that the Digital Property cannot be replaced, restored or recollected, Digital Property Replacement shall be limited to the reasonable and necessary costs incurred to reach this determination. “

 Some importantly related definitions to help explain what is included in the above definition of Digital Property Replacement.

 “Digital Property means software and data in electronic form which is stored on the Your Computer System. Digital Property shall include the capacity of the Your Computer System to store information,process information, and broadcast information over the Internet. “

 “Your Computer System means a Computer System that is leased, owned, or operated by You; or operated solely for Your benefit by a third party service provider under written contract with You.”

 “Computer System means computer hardware (including laptops and mobile devices), software, firmware, and the data stored thereon, as well as associated input and output devices, data storage devices, networking equipment and Storage Area Network or other electronic data backup facilities.”

 So, in general, this section of coverage provides protection to restore your computer systems back to their pre-breach state of operations, including the rebuild of the information inside the systems. But there are some exclusions worth noting.

 “Digital Property Replacement does not include:

  1. costs or expenses incurred to update, replace, restore, or otherwise improve Digital Property to a level beyond that which existed prior to the loss event;
  2. costs or expenses incurred to identify or remediate software program errors or vulnerabilities, or
  3. costs to update, restore, replace, upgrade, update, maintain, or improve any Computer System;
  4. costs incurred to research and develop Digital Property, including Trade Secrets;
  5. the economic or market value of Digital Property, including Trade Secrets;
  6. costs or expenses incurred due to ordinary wear and tear or gradual deterioration of Digital Property, including any data processing media; or any other consequential loss or damage.”

Other Exclusions with some additional clarification:

  1. “Solely with respect to Digital Property Replacement coverage, any transmission of unauthorized, corrupting or harmful software code, distributed attacks, viruses, worms or malware which is self-propagating.”

Digital Property Replacement is a 1st party coverage designed to protect the insured. This means that there is no 3rd party coverage for digital property replacement for someone else’s computer systems which maybe damaged by self-propagating/ harmful code from your computer systems. There may be other coverage under the Network Security and Privacy Liability section of the policy if a 3rd party sues but that is not considered digital property replacement.

  1. “Solely with respect to Digital Property Replacement coverage, any operator error, software error, faulty instruction, unintentional programming error, or failure in project planning.”

This means the damaging event must be breach related, not a flaw in your organization. You can’t cause the issue by something you did to your computer systems.

  1. “Solely with respect to Digital Property Replacement coverage, any accounts, bills, evidences of debt, money, valuable papers, records, abstracts, deeds, manuscripts or other documents, except as they have been converted to data processing media form, and then only in that form.”

This means that the policy will not manually re-collect digital data from physical documents which are listed above. For example, if your billing system was breached and is now destroyed but you have a bunch of physical invoices in boxes which were never entered into a system as data, the policy cover will not work through those physical files to enter them into the newly restored accounting system.

*Based on policy information provided by: Victor O. Schinnerer & Company, Inc.

 

Wire Fraud Scam Getting Worse: New Twist

Here is a recent situation which unfortunately impacted one of our clients and worth sharing in the hope that increased awareness will limit the chance of this happening again. This situation is a twist on the traditional wire fraud scam and shows how far the bad guys are willing to go to steal from your clients.

The title company involved on a transaction was breached by bad guys who found out the specifics of a closing coming up at our insured’s real estate agency.  Instead of the bad guys sending a fraudulent email posing as the title agency they called the agent of the buyer to communicate the updated wiring information for the funds needed to close.  The realtor took the telephone call thinking it was the title company and relayed the information to the buyer who in turned wired the closing funds to a fraudulent bank account.  Luckily a majority of the funds were recovered but not after considerable effort and expense. What makes this more concerning than most wire fraud situations is that neither the E&O policy or the Cyber Liability policy were willing to cover the lost funds.

What makes this different?

An important distinction here is that bad guys are learning that real estate agents are not trusting email as a communication tool for wiring instructions and are adapting by making telephone calls, falsely representing the title company. This is a disturbing new development. Please communicate this to your agents.

How did their liability policies respond?

  • Cyber liability policies are triggered when the insured has a situation where a breach is suspected. In this situation, the cyber policy triggered to provide forensic services to determine the origin of the breach which ended up being the title company. At that point, the policy stops covering any liability since the insured’s systems were not compromised. It is worth noting that even if the bad guys sent an email from the title company to the agent, instead of the telephone call, the cyber policy would not have provided cover for the same reason. No Breach No Cover.
  • The E&O policy has a specific exclusion for any liability resulting from wire transfers. These exclusions are becoming more common in E&O policies since carriers are not interested in the exposure related to wire transfer fraud.

What can you do to protect yourself?

  • Do not get involved in any communication of wire instructions to your client. This includes text messages, email and telephone calls.
  • Create a Fund Transfer Pledge with your clients.
  • If you receive communication regarding a closing, be sure to call the related party by dialing a number that is NOT part of the recent communication since it is likely that telephone number goes directly to the bad guys. Call another number you have on file.