Home / News in Brief / Policy won’t cover loss to hackers

Policy won’t cover loss to hackers

A Richmond-area real estate development company cannot look to its business insurance policy to cover its $42,302.46 loss due to phony wiring instructions.

U.S. District Judge John A. Gibney Jr. closed the door Feb. 20 on the effort by Midlothian Enterprises Inc. to establish coverage for the all-too-common theft.

An employee of Midlothian received an email in 2018 that appeared to come from company president E. Bryce Powell. The email directed the staffer to wire money to an Alabama bank account.

Powell normally sent such emails directing business payments, and the employee wired the money as directed. Afterwards, the company discovered that hackers, not Powell, had sent the fraudulent email and had stolen the money.

Owners Insurance Company denied Midlothian’s claim for the loss based on policy language excluding loss resulting from being “induced by any dishonest act to voluntarily part” with property.

“The plain language of this exclusion unambiguously includes Midlothian’s loss,” Gibney said.

Gibney also rejected Midlothian’s effort to bring the loss under a “forgery or alteration” endorsement in the policy.

Gibney’s opinion is Midlothian Enterprises Inc. v. Owners Insurance Co. (VLW 020-3-096).

Midlothian was represented by John A. Conrad of Richmond. Owners Insurance was represented by Stanley P. Wellman of Richmond.

What the FBI calls “business email compromise” is a growing crime with a “staggering” price tag, the agency says. Between 2013 and 2019, the FBI’s Internet Crime Complaint Center received complaints of more than $10 billion in losses from the crime.

The losses often pit businesses against their insurers in battles for coverage.