Claims Handling FAQs
Who can I contact and how if I have to speak to someone immediately?
- We are available to assist 24/7/365
- Chat below (during business hours of 8:00 - 8:00 E.S.T.)
What will I need to have ready when my Cyber Claims Service Representative contacts me for the first time?
- Confirm who will be our main contact for this claim.
- Date the incident occured and/or was discovered.
- Details around how it was discovered.
- If any IT, forensic or other such work has already be been performed, we will need invoices, bills, reports and the like.
Does HSB utilize preferred vendors to repair and restore systems?
- We can assist you in locating a vendor if you don’t have one, or you may use whomever you are currently comfortable with assisting you (services and rates are subject to our approval).
I have an active ransom demand (Cyber Extortion) – aside from contacting you and reporting my claim, what should I do first?
- Bring in an IT provider or your own IT staff to ensure the system and malware has been contained and not allowed to spread further.
- Please do not wipe your system.
- If possible, preserve a forensic image of the system.
- Notify law enforcement if a crime has been committed.
- We do not recommend you contact the threat actor directly.
- Please note any ransom payment must be pre-approved by HSB.
- We will help identify a Cyber Negotiation Firm who will contact the threat actor (cyber-criminal) to negotiate. Cyber Negotiators will run a probability check on the variant of ransomware and/or the threat actor / group to determine the likelihood of receiving the decryption keys. They will also run a check with the Office of Foreign Asset Control (OFAC) to ensure payment to the threat actor is not prohibited by the Government.
Should I pay the ransom?
- There is no definitive answer to this as each situation is different.
Is it possible to recover my data without paying the ransom?
- Here are some options to restore your data without the decryption keys:
- The data can be restored from electronic backups, if available / viable. The restoration may be covered by your policy, if completed by an outside professional firm.
- Recreate the data from non-electronic sources such as paper documents. The restoration may be covered by your policy, if completed by an outside professional firm.
- Restoration and recreation may also be completed by your internal IT resources, however your policy may not reimburse for personnel time.
I don’t think I had a compromise, but should I complete a breach investigation?
- If any Personally Identifying Information (PII) is present on your system, it is recommended a breach investigation be conducted. This will protect you from potential suits brought by affected individuals who were not notified appropriately. In addition, Personal Health Information (PHI) is subject to federal law which may require a breach risk analysis.
- If the systems contain PII, approximately 85 - 90% of businesses will conduct a breach investigation.
Should I hire an attorney?
- All 50 States have data privacy laws and the residence state of any affected individual will apply to any potential breach. The various states can also bring a regulatory action against you for failure to notify the State Attorney General of a breach. We will recommend law firms with certifications for data privacy.
- You are obligated to pay for the services of the attorney; they are hired by you. The policy reimburses you for compensable expenses, after the deductible has been met.
Can I just notify and pay for monitoring for affected parties?
- We would not recommend pursuing notification to affected individuals and/or regulatory agencies without conducting a breach investigation. This investigation will ensure you are notifying only those parties who must be notified by law.
- Note that the policy requires pre-approval of any vendor used for notification and/or credit monitoring services.
What do I do if I receive a lawsuit or demand related to my incident?
- Notify HSB immediately. Most lawsuits are time sensitive and this will protect you from Summary Judgement. We will hire an attorney for you. If you wish to use an attorney of your own choosing, the attorney must be pre-approved by us.
- The Cyber policy provides for your defense costs for any ‘Claim’ brought against you for the following reasons.
- Alleging an affected individual has suffered harm because of the breach of their PII.
- Alleging a third party suffered harm because of the failure of you to prevent unauthorized access to your systems.
- Alleging use of material you did not have permission to use and a third party suffered harm because of the unauthorized use.
Do you want to know about General FAQs?
[crx3composite, nosamplecontent, publish, cloud-ready]
