By Robert Tugander, Esq. of Rivkin Radler LLP
A federal district court in Washington has ruled that an insured company was not entitled to coverage for losses caused when a hacker directed one of the insuredaEUR(TM)s employees to change a vendoraEUR(TM)s bank account information on its computer system.
The Case
Aqua Star (USA) Corp., a seafood importer, purchased frozen shrimp from Zhanjiang Longwei Aquatic Products Industry Co. Ltd.
A hacker allegedly hacked into LongweiaEUR(TM)s computer system and sent fraudulent emails to an Aqua Star employee that directed the Aqua Star employee to change the bank account information for Longwei for future wire transfers. The Aqua Star employee made the changes as directed and ultimately the company was defrauded of $713,890 by the hacker.
Aqua Star sought coverage of its loss from its insurer under a policy covering computer fraud.
The carrier denied the claim, stating that the loss was not directly caused by computer fraud.
Aqua Star sued, and the parties moved for summary judgment.
The District CourtaEUR(TM)s Decision
The district court granted the insureraEUR(TM)s motion for summary judgment.
In its decision, the district court explained that the policy excluded coverage for a loss that resulted from the input of electronic data into the Aqua Star computer system by a person authorized to access the system.
Here, it continued, the Aqua Star employee who changed the bank account information for Longwei had the authority to enter Aqua StaraEUR(TM)s system. Therefore, the district court concluded, the exclusion applied and Aqua StaraEUR(TM)s loss was not covered by the policy.
The case is
Aqua Star (USA) Corp. v. Travelers Casualty and Surety Co. of America, No. C14-1368RSL (W.D. Wash. July 8, 2016).
Rivkin Comment
A similar result was reached in
Pestmaster Services, Inc. v. Travelers Casualty and Surety Co. of America, No. 14-56294 (9th Cir. July 29, 2016).
In this case, the U.S. Court of Appeals for the Ninth Circuit affirmed a district courtaEUR(TM)s decision that a crime policyaEUR(TM)s funds transfer provision did not cover authorized electronic transactions even if they were, or might have been, associated with a fraudulent scheme.
The circuit court also found that the policyaEUR(TM)s computer fraud provision did not afford coverage for the transfer. A transfer pursuant to aEURoeauthorizationaEUR? from the insured aEURoewas not fraudulently caused,aEUR? the Ninth Circuit concluded.
For additional information, contact
Robert at
robert.tugander@rivkin.com or (516) 357-3335