A Matter of "When," not "If"
One of the fastest growing claim areas in our industry is loss from data/privacy breach. Perpetrators of hacking, malware, phishing, spyware, etc. began by targeting larger companies with their attacks. Nationwide Insurance had an attack that affected 1.1 million customers! The larger companies had the resources to fight back with stronger software and firewalls. Now the attacks are being directed toward smaller businesses that have fewer resources to purchase the stronger security.
- It is estimated that over 20% of small businesses have suffered a data breach
- Number of attacks are rising while breach size is declining
- Malicious attacks (hacking or inside theft) constitute 40% of recorded breaches in 2011
- Visa reports 80% of all card breaches arise from merchants with fewer then 50 employees
- The average cost to the business per compromised document is $214.00 (Some of the direct costs are defense, notification, credit monitoring, and regulatory fees.)
In 2005, Maine passed L.D. 2017 and H.P. 1417 “An Act to Amend the Notice of Risk to Personal Data.” This act states that if an information broker (business that has personal information of its clients) becomes aware of a breach of their security system after an investigation (forensic consultant) they MUST notify ALL customers, in this State, of this breach within 7 business days.
Depending on how many customers the business has this could result in huge costs to the business. One small 3 person service firm paid out over $20,000 in notification and investigation costs alone!
This type of loss is not covered unless specifically endorsed on the business’ package policy or written as a separate policy. While once very expensive, the cost for this coverage has come down considerably over the last few years.
Our renewal advisory letters will now offer this coverage as an option; but if your renewal is not coming right up, we encourage you to call us to discuss. Don’t let this type of loss sneak up on you and potentially cripple your business.