Courts Continue to Limit Coverage for Data Breach Claims under CGL Policies

Next, the court addressed Millennium’s claim that it was entitled to coverage under Coverage A because the data breach incident resulted in “property damage” (i.e. loss of use of the compromised credit cards). The court noted that because suit had not been filed relating to the data breach incident, the court had to look the notice of claim and demand letter in order to evaluate coverage. Although these documents indicated that Millennium “made private information known to third parties that violated a credit card holder’s right of privacy,” the court held that there was no mention of property damage (i.e. loss of use of credit cards). Accordingly, the court declined to find coverage under Coverage A. Although cyber-security policies are becoming more common, insurers will certainly continue to face claims for coverage for data breach claims under traditional CGL policies given the increasing frequency and magnitude of data breach incidents. To that end, the Millennium case should provide additional support to insurers faced with such claims.

Add a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.