A second insurer has refused to pay out over the NotPetya cyberattack based on an act of war exclusion, prompting growing concerns for businesses relying on cybersecurity insurance to shield them from damage.
Insurer Hiscox is believed to be refusing to pay a claim by multinational law firm DLA Piper over damage caused by the NotPetya cyberattack, citing the act of war exclusion due to the suspected involvement of the Russian government.
It follows a similar refusal by Zurich to Mondelez, which saw the insurer also decline to pay damages caused by NotPetya due to the act of war exclusion clause.
Mondelez is now suing Zurich for $100m over the decision.
NotPetya, which occurred in 2017, was
a cyber weapon disguised as ransomware attack that really a disk wiper. It is believed to have been designed to target the Ukranian government and infrastructure companies, but affected businesses across Europe and, to a lesser extent, the US. The cost to businesses is thought to total more than $1.2bn.
Find out how affordable new-school security awareness training is for your organization. Get a quote now.