William P. Sowers Jr. and Michael S. Levine of Hunton Andrews Kurth write:
The Eastern District of Pennsylvania recently gave another reminder why cyber insurance should be part of any comprehensive insurance portfolio. In Construction Financial Administration Services, LLC v. Federal Insurance Company, No. 19-0020 (E.D. Pa. June 9, 2022), the court rejected a policyholder’s attempt to find coverage under its professional liability insurance for a social engineering incident that defrauded over $1 million.
Construction Financial Administrative Services, which goes by CFAS, disburses funds to contractors. One of its clients, SWF Constructors, was hacked, and a bad actor posing as the client asked CFAS to distribute $600,000 to a sham third party. John Follmer, an executive at CFAS and the only person authorized to approve distribution of funds, approved it. The next day, the bad actor, again posing as the client, asked Follmer to transfer an additional $700,000. Follmer approved that distribution too.
Read more at The National Law Review.