Grocery chain Schnucks suffered a major security breach earlier this year, and while that is disturbing, at least they had insurance to cover the losses and the inevitable lawsuits that entailed, right? Maybe not.
The company is now facing a lawsuit by its cyber insurance provider over lawsuits resulting from the breach.
While this is a story about a grocery store chain, with the heightened security threat and the increased importance on insurance, all industries, including the manufacturing automation sector need remain on their toes and truly understand what their policy does and does not cover.
Last April, Schnucks discovered more than 2.4 million customer records ended up compromised in a malware attack on its systems.
Liberty Mutual, which provides cyber breach insurance coverage for Schnucks, sued Schnucks last week, saying it should not be liable to pay the costs of eight lawsuits arising from the breach or for claims made by banks that work with Schnucks.
In court documents published by the website Main Justice, Liberty Mutual said it is willing to pay Schnucks’ breach costs, it is not willing to pay costs resulting from lawsuits filed by customers against the grocery chain over the breach of privacy.
Liberty Mutual also said it will not pay costs related to claims by four banks and one payment processor resulting from the breach.
Schnucks’ cyber insurance is part of a multipurpose property damage policy that does not cover suits and claims resulting from a breach, the insurer said.
“For the purposes of this insurance, electronic data is not tangible property,” Liberty Mutual states. “The claims described in the complaints and claims are not for physical injury to or loss of use of any tangible property, but rather for the loss of personal information. Such a loss is not for ‘property damage.’ ”