Businessinsurance.com reported that a court agreed with Traveler’s “which denied coverage on the basis the loss was not a “direct loss” that was “directly caused by the use of a computer” as required by the policy.” My friend Judy Greenwald wrote the article entitled “Manufacturer can’t recover spoofing email losses from insurer” about the ruling by the US District Judge, Eastern District of Michigan (Ann Arbor) in the case American Tooling Center Inc. v. Travelers Casualty and Surety Company of America which included these facts:
The vice president received emails purportedly from the vendor instructing ATC to send payment for several legitimate outstanding invoices to a new bank account, according to the ruling.
Without verifying the new banking instructions, ATC wire-transferred about $800,000 to a bank account that was not, in fact, controlled by the vendor.
The Judge granted Summary Judgment for Traveler’s since:
There was no infiltration or ‘hacking’ of ATC’s computer system,
The emails themselves did not directly cause the transfer of funds; rather, ATC authorized the transfer based upon the information received in the emails,”
No question that verification of the spoofed email would have avoided this result, but no monies would have been transferred.