This recently happened to a client in the healthcare industry. A hacker placed a ransomware virus in their system 13 months before activating the attack.
Our client dedicates themselves caring for others – the hackers, not so much.
On a random Saturday night, 13 months later, as confirmed by the local and federal authorities, the ransomware virus was triggered, and the client’s systems were frozen. Patients in the facility, whose lives were already at risk, were suddenly placed in a worse situation.
The IT staff immediately alerted the client’s insurance carrier. The insurance carrier alerted the authorities. The attack jeopardized the client’s ability to care for patients. It also disrupted its ability to earn revenue.
Thankfully, the client had proper cyber insurance coverage!
Cyber insurance protects a business against liability for a data breach involving sensitive information, such as social security numbers, credit card information, account numbers, driver’s license numbers, and health records as well as certain other protected information as defined by HIPAA. Depending upon the terms of the cyber policy, it can also reimburse a business for ransom that it must pay to regain access to its systems.
These cyberattacks are so common in today’s world and can be a major headache for business owners. In this case, if RMC had not stepped in, the client would have had a significant loss and could have faced additional exposures.
The cyberattack resulted in an insurance claim of $1,700,000 for reimbursement of the ransom paid to the hackers. However, this was only the beginning of the client’s problems. Because of the severity of this singular event, the premium for the client’s cyber insurance policy was set to increase by at least $400,000 if it could even get coverage. Many insurance carriers will not renew or accept coverage after such a large claim.
This is where RMC Group stepped in. We initiated internal negotiations between the head of the IT Department, Senior Management, and Accounting. As a result of our efforts, the client was able to implement the proper protocols and controls, in both software and hardware, to protect it from another attack.
We were able to negotiate a cyber insurance renewal policy with a premium that increased only $12,000 from the previous year instead of the $400,000 that the client had been facing! This renewal also included a dedicated 3rd party cyber defense company ranked number one globally.
Having a cyber insurance policy does not mean you are properly protected! Does your company have cyber insurance?
If not, or if you would like a review of your business insurance, contact RMC Group at 239-298-8210 or [email protected].