Insurer not liable for ransomware clean-up costs

Inchcape Australia was infected by ransomware in 2020
11 August 2022

The AustralianFederal Court  handed down a judgement last week that an Insurer is not liable for ransomware clean-up costs of the victim.

The victim - Inchcape Australia is an automotive distributor and services firm. It was infected by ransomware at the end of 2020. 

Justice Jayne Jagot wrote in her judgment that such costs as decisions taken by the victim, rather than as costs directly incurred from the attack and therefore not claimable under the insurance policy it held.

But the way “direct” - claimable - and “indirect” - unclaimable - costs incurred by an attack victim were described in the judgment could worry some organisations that think they have adequate cover for cyber incidents. 

Gilbert + Tobin Partner Simon Burns saw potential for this part of the judgment to have a broader impact on the interpretation of claimable costs under cyber insurance policies. Mr Burns told iTnews -  “The big lesson is if you want to be covered for those actions you should be really clear in the insurance cover and the policy that they’re in there.”

- CyberBeat

About CyberBeat

CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.

Contact CyberBeat

If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us

Terms & Policies >>


We couldn't do this without the support of our sponsors and contributors.