Cyber coverage protects a Member from financial loss from a data breach in which the Member’s stakeholder’s personal information, such as Social Security or credit card numbers, is exposed or stolen by a hacker or other criminal who has gained access to the Member’s electronic network. This covers a variety of expenses associated with data breaches, including notification costs, credit monitoring, costs to defend claims by state regulators, fines and penalties, and loss resulting from identity theft. Additionally, coverage is provided for liability arising from the website media content, as well as property exposures from (a) business interruption, (b) data loss/destruction, (c) computer fraud, (d) funds transfer loss, and (e) cyber extortion.
Cyber coverage includes:
- Coverage for drafting notification letters, and reporting and communicating as required with any regulatory, administrative, or supervisory authority.
- Credit monitoring, credit freezing, credit thawing, healthcare record monitoring (where available), social media monitoring, password management service, or fraud alert services.
- Expenses related to retaining the services of a public relations or crisis communications firm for the purpose of protecting or restoring the reputation of or mitigating financial harm to Member.
- Expenses for retaining the services of a third-party computer forensics firm to determine the cause and scope of a cyber incident.
- Coverage for continuing normal operating and payroll expenses (net profit before tax) that would have been earned had no interruption in service of a Member's computer system occurred.
- Reasonable & necessary costs incurred by a Member to replace, restore, recreate, re-collect, or recover digital data from written records or form partially or fully matching electronic records. Includes loss from fraudulent infiltration.
- Provides reasonable & necessary expenses incurred including money, cryptocurrencies (including Bitcoin), or other consideration surrendered as payment due to a network extortion event.
- Covers payment for loss of money or securities sustained directly from Social Engineering Fraud committed by a person purporting to be a vendor, client, or an employee ($100,000 sub-limit).
- Monetary assessments, fines, penalties, chargebacks, reimbursements, and fraud recoveries as a result of the actual or alleged failure of payment card loss.
- Deductibles of $25,000, $50,000, or $100,000 depending on annual revenue amount.
- Various sub-limits apply to all coverages.