Search for insurance help

Equifax hack acts as a cyber ‘case study’ for brokers

Cyber Data Risk Ma...

Jun 10, 2020
Views: 846

Business Insurance Cyber Insurance General Insurance Financial Services Insurance

The recent hack on global credit reporting company Equifax can act as a case study for brokers and their clients on what to do, and what not to do, in the event of a cyberattack, an expert has said.

The hack, which was announced a month ago and was then said to have impacted 143 million people, has since been revealed to be worse than originally feared with a further 2.5 million people affected.

Meena Wahi, a specialist cyber broker and director of Cyber Data-Risk Managers, said that the hack and the fall-out following the breach – which has seen Equifax’s CEO retire and class action cases launched – could act as a “very typical” case study for brokers and clients.

“From an insurance perspective, I would urge my clients, especially businesses who don’t have insurance, to look at it as a case study,” Wahi told Insurance Business. “It is really an example that demonstrates no business can take cyber security lightly and, especially with larger enterprises, they are vulnerable on so many fronts.”

The attack came as Equifax failed to patch a vulnerability in its system, which was then exploited by unknown hackers. It took six weeks for Equifax to notify customers impacted as high-level executives sold off almost US$2 million in stock after discovering the breach in late July, before the firm went public with the news, according to The Washington Post.

Wahi said that the hack itself highlighted that businesses of any size cannot afford to let their guard down when it comes to cyber protection.

“You cannot think that you can relax on security and imagine that you will not have a data breach,” Wahi continued. “It highlights that a business their size didn’t have incident response planning and it highlights that, despite everything, a business can still make a stupid mistake and still have a data breach.”

Patch management has been to blame for several large scale cyberattacks so far in 2017, with both Petya and Wannacry earlier in the year exploiting similar vulnerabilities. Wahi said that brokers must ensure that clients keep up-to-date on their patch management or they could face a denial of claim.

“It can happen to any business, small or big,” Wahi noted. “Any website can get hit because they haven’t closed the vulnerability.”

cyber attack

General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.

All information above has been provided by the author.

Meena Wahi, Cyber Data Risk Managers, ABN 34 161 961 422