Would your insurance cover you if your company ‘did an Equifax’? Time to check with specialist brokers and/or lawyers…:
[…] Notably, directors and officers of companies that fall victim to a data breach sometimes face additional liabilities. Shareholder and regulatory enforcement actions against directors and officers are on the rise, and increasingly are an inevitable—and expensive—consequence of a data breach. Even for breaches far smaller in scope than the one suffered by Equifax, corporate directors and officers can often face the blame for a company’s unsatisfactory cybersecurity and data privacy practices, as well as inadequate insurance to protect against related risks. The added wrinkle in the cybersecurity context, however, is that traditional D&O insurance policies designed to protect these officers typically contain “invasion of privacy” exclusions that may knock out all potential coverage for claims relating to a data breach. And while policyholders may assume that their cyber insurance coverages will fill that void, many cyber insurance policies contain their own exclusions for shareholder or securities claims. Coverage counsel can help corporate officers to structure their company’s D&O and cyber insurance coverages so that they do not unexpectedly find themselves stuck in a coverage gap after a data breach.