The Supreme Court of the State of New York held that a commercial general liability insurance policy would not cover damages caused by a third-party hacker’s unauthorized access to a computer. Zurich American Insurance v. Sony Corporation of America, Civil Case No. 651982/2011, Supreme Court of the State of New York (February 2014).
In this case, Sony Corporation suffered a well-publicized security breach that compromised over 70 million of its PlayStation user accounts. When PlayStation Users filed lawsuits against Sony Corporation for alleged damages they sustained from this security breach, the insurance companies that represent Sony Corporation filed declaratory lawsuits for the court to determine whether Sony Corporation’s commercial general liability insurance policy would cover it for the alleged damages caused by a third party’s unauthorized access to its computer network.
The Supreme Court of the State of New York found that Sony Corporation’s commercial general liability insurance policy was written to only cover security breaches committed by the insured, Sony Corporation, and not third party hackers. As a result, it appears that Sony Corporation’s insurance policy will not cover its defense and expenses in the PlayStation security breach lawsuits.
Due to the daily number of security breaches, the insurance industry is now offering new insurance options to businesses that would cover them for liability resulting from security data breaches committed by third-party hackers.
If you believe that your computer, website, cloud account, email account, or other device connected to the Internet was accessed without your authorization or access exceeded your authorization, or if you have been wrongly accused of accessing a device connected to the Internet without authorization, please contact Computer Law Attorney Mark Ishman at the Ishman Law Firm at (919) 468-3266 or mishman @ ishmanlaw.com. To learn more about computer law, visit Mark Ishman’s computer hacking law web-page http://www.ishmanlaw.com/hacking-unauthorized-access.php.