Tangible (physical) Losses:
Up to $100 million
Targeted Classes/Industries/ Geographies
All, including, but not limited to the following industries: Retail, Healthcare, Higher Education, Financial Institutions, Manufacturers, Technology, Law Firms, Energy Companies
Risk Consulting Services
Preferred Vendor Services
CyberEdge helps organizations develop effective security risk management programs – underpinned by proactive risk consulting services to help understand areas of vulnerability and what actions should be taken to help prevent an attack from taking place.
CyberEdge’s multi-pronged coverage approach addresses the peril that cyber risk has become and can be purchased through various channels.
Clients are also supported with 24/7 access to the CyberEdge Claims Hotline, which helps clients notify and support the recovery of affected customers, handle crisis communications, and determine exactly what happened.
Ransomware: An insured’s computer server was maliciously attacked by a virus that encrypted their data and demanded a $5,000 ransom to un-encrypt. The insured reported the matter to the FBI and local authorities. The insured did not pay the ransom on the advice of the FBI; rather AIG worked with the insured to engage an expert to perform a forensic analysis of their system. The forensic expert was able to determine that the impacted server did not contain any confidential information but rather the company’s warehouse inventory information. The forensic expert was able to remove the virus and strengthen the insured’s data security protections. AIG reimbursed the insured more than $45,000 for forensic costs incurred.
An insured hospital was notified of a potential HIPAA breach involving protected health information (PHI) of over 40,000 patients. AIG quickly engaged with the insured to retain breach counsel and a forensic investigator. Based on the ensuing investigation, we coordinated with the insured and breach counsel on the selection and retention of vendors to handle the required notification to regulators and patients, offered patients access to identify monitoring protection, and established a call center to handle inquiries and registration for the identity monitoring protection. AIG reimbursed the insured $450,000 for Credit Monitoring and ID Theft Insurance, $175,000 in notification and call center costs, $25,000 in forensic costs, and $90,000 in legal costs. The policy also covered $500,000 in regulatory fines assessed on the insured.
Hackers accessed the insured’s system through a targeted spear-phishing attack. The hackers placed ransomware on the system - which, once activated, encrypted all the data on the insured’s system. Seven servers and hundreds of PCs were affected. The hackers demanded 12 Bitcoin for the encryption keys. The insured engaged with AIG’s cyber claims specialists to coordinate the retention of breach privacy counsel and a forensics firm to respond to the event. AIG and breach counsel coordinated efforts with law enforcement. The insured and the forensics firm were unable to unencrypt the insured’s data and, after consultation with AIG and law enforcement, the insured made the decision to pay the ransom.
We facilitated the retention of vendors to procure the necessary Bitcoin for payment of the ransom. Once paid, the insured received the necessary encryption keys. The system was then gradually brought back online over the course of several days. Ultimately the insured’s business system was offline for 2.5 business days. AIG reimbursed the insured $4,500 for the ransom, $2,500 in Bitcoin procurement expenses and payment, $950,000 in forensic investigation and remediation, $65,000 in legal costs, and $32,000 in public relations costs. In addition, AIG reimbursed the insured $1.1 million for its lost income and $850,000 for additional expenses associated with the outage.
CyberEdge is backed by AIG’s multinational expertise. Confronted with expanding regulatory regimes and increasingly interconnected economies, global businesses consistently turn to our renowned product range and geographical reach to meet their insurance needs. We have local market expertise and on-the-ground resources that span an expansive network of over 200 countries and jurisdictions.
Clients are eligible to receive reports on their cyber maturity and risk by simply completing AIG’s new Cyber Application, bringing clarity and transparency to cyber risk (applicants can also receive a basic level report).
Clients benefit from 24/7/365 access to the CyberEdge Claims Hotline at 1-800-CYBR-345 (1-800-292-7345). Our experienced claims team across the globe can help clients notify and support the recovery of affected customers, handle crisis communications, and determine exactly what happened.
More than 20 million people and 22,000 companies have trusted us to respond to some of the world’s biggest data breaches.
Eligible insureds* receive complimentary risk consulting services to proactively help understand their specific areas of vulnerability and what actions should be taken to help prevent a cyber attack from taking place.
Additional risk consulting tools and services are also available on a paid basis from AIG’s cyber risk consultants, with 20+ years of experience, and our panel of expert preferred vendors.