Increasingly, businesses buy cyberinsurance to protect valuable electronic assets, including computer systems themselves and the data stored within them. These policies, however, are relatively young. They frequently utilize terminology taken from traditional property/casualty policies, the meanings of which are informed by decades of case law. These seemingly familiar words, however, are creating novel cyberinsurance issues that may impact the coverage you have, or think you have.
In Nat’l Ink & Stitch, LLC v. State Auto Prop. & Cas. Ins. Co., CV SAG-18-2138, 2020 WL 374460 (D. Md. Jan. 23, 2020), a court addressed a centuries old concept – physical loss – through the cyberinsurance lens. After a screen-printing company suffered a ransomware attack, the company had data stolen and computers rendered partially inoperable. The company filed a claim under their cybersecurity policy, which familiarly stated that the carrier “will pay for direct physical loss of or damage to Covered Property…”.
The company obtained cyber coverage through an endorsement. The Businessowners Special Form Computer Coverage endorsement refined the definition of “Covered Property” to include “Electronic Media and Records (Including Software).” It defined “Electronic Media and Records” to include: