Target Corp. Cyber Breach Update

Just a month ago we published a blog on Cyber Breach Insurance in the wake of the Target Corp. major cyber crisis.  The economic impact on Target Corp is still in the early stages and we thought an update is in order.

Target shares, which had fallen 11 percent since news of the breach, were up 6.8 percent at $60.37 on Wednesday, 1/26/14.  Target also reported a 46 percent drop in net profit in the crucial holiday quarter.

Insurance Offsets Expenses

Target said of the $61 million in expenses related to the breach during the quarter, $44 million were offset by an insurance payment, bringing the impact to $17 million. 

Cyber insurance policies can cover costs for items such as investigating breaches and repairing networks, compensating credit card issuers for fraudulent activity, fighting lawsuits and responding to regulatory probes.

Target said additional breach-related expenses may include costs for reissuing cards, lawsuits, government probes and enforcement proceedings, legal expenses, investigative and consulting fees, and capital investments.

Collateral Damage

Sean Naughton, of Piper Jaffray, said that Target's reputation for having a top-rate shopping experience had been tarnished by the fact that many customers have either had to have payment cards replaced or find themselves checking their monthly statements more closely, giving them a negative association with the retailer.

Cyber Attack Point

Last week, KrebsOnSecurity reported that investigators believe the source of the Target intrusion traces back to network credentials that Target had issued to Fazio Mechanical, a heating, air conditioning and refrigeration firm in Sharpsburg, Pa.  Investigators believe that those credentials were stolen in an email malware attack at Fazio begining at least two months before thieves started stealing card data from thousands of Target cash registers.

While Target and Fazio continue their debate on compliance and access issues, the fact remains that cyber breaches are costly not only in remediation costs but also in damage to a company’s reputation, current and future sales, stock value, and customer retention. 

Is Your Business Prepared for a Cyber Attack?

Cyber risk is not limited to large businesses.  In fact, any business storing confidential information - social security numbers, driver’s license numbers, credit or debit card numbers and passwords, or medical data - should be concerned with cyber threats and have a plan for cyber breaches.  Part of that plan should be cyber liability insurance.  So, what are the risks businesses are facing?

• Expense of privacy notification, crisis management, and disaster recovery.

• Identity Theft from lost or stolen Social Security numbers or credit card, driver’s license, or financial information

• Lawsuits for damages to customers stemming from a security failure or alleged technology error or omission.  Or alleging invasion of privacy, defamation, or product disparagement involving information residing as email; on laptops, PDAs, flash drives, or servers; or on the Internet.

• Fines or Penalties as a result of actual or potential unauthorized access to private information.

• Security Failure or Internet Virus interrupting business.

• Cyber Extortion threat. 

Information is Key

If you would like more information on Cyber Liability Insurance or have questions, please let us know. For more information on policies available for your specific needs, please contact us and we can guide you on the way to a safer, well protected business.

Dean & Draper is a Trusted Choice insurance agency representing over 200 insurance companies. For over 33 years we have offered a trusted freedom of choice to our clients.  ContactUs.