DataBreaches.Net

NetDiligence 2013 report: “Cyber Liability & Data Breach Insurance Claims”

Posted on by Dissent

NetDiligence has released its 2013 report on “Cyber Liability & Data Breach Insurance Claims” based on actual claims submitted:

This report summarizes our findings for a sampling of 145 data breach insurance claims, 140 of which involved the exposure of sensitive data in a variety of sectors, including government, healthcare, hospitality, financial services, professional services, retail and many more.

Their key findings include:

  • PII was the most frequently exposed data (28.7% of breaches), followed closely by PHI (27.2% of breaches).
  • Lost/Stolen Laptop/Devices were the most frequent cause of loss (20.7%), followed by Hackers (18.6%).
  • Healthcare was the sector most frequently breached (29.3%), followed by Financial Services (15.0%).
  • Small‐Cap ($300M‐$2B) and Nano‐cap (< $50M) companies experienced the most incidents (22.9% and 22.1% respectively). Mega‐Cap (> $100B) companies lost the most records (45.6%).
  • The median number of records lost was 1,000. The average number of records lost was 2.3 million.
  • Claims submitted for this study ranged from $2,500 to $20 million. Typical claims, however, ranged from $25,000 to $400,000.
  • The median claim payout was $242,500. The average claim payout was $954,253. However, many claims in our dataset have not yet been paid. If we assume that, at a minimum, the SIR will be met, the median claim payout would be $250,000 while average claim payout would be $3.5 million.
  • The median per‐record cost was $107.14. The average per‐record cost was $6,790. However, if we exclude outliers (incidents with a low number of records exposed but extremely high payouts), the median per‐record cost was $97 and the average per‐record cost was $307.
  • The median cost for Crisis Services (forensics, notification, credit monitoring and legal guidance) was $209,625. The average cost for Crisis Services was $737,473.
  • The median cost for legal defense was $7,500. The average cost for legal defense was $574,984.
  • The median cost for legal settlement was $22,500. The average cost for legal settlement was $258,099.

You can download the report here (pdf).