As thousands of retailers, large and small, have learned to their cost, a data breach is not a question of "if". The only question is "when?"
Information exposures are difficult to control and are subject to many different types of loss events. And even with the best systems, controls and personnel, no retailer is immune to the risk. It only takes one small human error, a simple property crime, or one clever hacker, to compromise millions of customer records.
- significant exposure
- payment card industry
- class action lawsuits
- regulatory investigations
- third party coverage
- Why Beazley?
Retailers are prime targets for cyber criminals looking to exploit vulnerabilities through point of sale systems. Once such a breach occurs, compulsory data breach notification laws will ensure that the public knows about the event, posing a significant risk to the retailer’s reputation and brand. A study conducted by the Economist Intelligence Unit in April 2013 found that 38% of respondents affected by a data breach no longer did business with the organization concerned “because of the data breach,” and 46% said they had advised friends and family to be careful of sharing data with the organisation.
Commerce without credit and debit card payments is unimaginable. Whether at the point-of-sale, online, or through a call center, the retail industry processes a staggering volume of credit card transactions. A breach of credit card information, which the card brands frequently detect before the organization even suspects any foul play, can result in fines, penalties, mandated computer forensic costs, legal fees, and worst of all, the inability to process payments.
The publicity and customer dissatisfaction that surround a data breach have spurred a wave of class actions against retailers big and small. Enterprising plaintiffs’ lawyers relying on a variety of privacy laws have filed complaints seeking billions of dollars in damages. The risk of crippling damages, and the sizeable costs of litigation, often push organisations to settle even in the absence of any clear harm to the plaintiffs.
State and federal regulators have made it clear that a significant breach of customer information will result in monetary penalties, onerous corrective action plans, and on-going audits. Whether from the Federal Trade Commission or state attorneys general, the regulatory landscape for retailers carries an immense amount of risk.
In addition to covering your business, BBR also protects your partners though third party coverage. Third party coverage includes:
- Third party information security and privacy coverage with up to $15M in limits in addition to the breach response coverage
- Regulatory defense and penalties
- Website and offline media liability
- PCI fines, penalties and assessments
- Cyber extortion
- First party business interruption and data protection with limits up to $15 million.
Beazley, a leading insurer of technology and information security risks, has developed Beazley Breach Response (BBR), a solution to privacy breaches and information security exposures tailored to the needs of retailers. We pioneered the concept of data breach insurance that focuses first and foremost on response. BBR is a complete privacy breach response management and information security insurance solution which includes a range of services designed to help you respond to an actual or suspected data breach incident effectively, efficiently, and in compliance with the law.
Not if, but when. Any retail business handling customer data will, sooner or later, be confronted with the challenge of a data breach. It's not a matter of "if" but "when".
Breach response services
Claims Team Leader - Cyber & Tech
New York, NY, USA
+1 646 378 firstname.lastname@example.org
UK & International TMB Claims Manager
+44 207 674 email@example.com
Head of Third Party Complex Claims
New York, NY, USA
+1 646 943 firstname.lastname@example.org
Focus Group Leader London and International Cyber and Tech
+44 207 674 email@example.com
Team Leader & Underwriter US Cyber & Tech London
+44 (0) 207 674 firstname.lastname@example.org
Focus Group Leader - International Cyber & Tech
0207 674 email@example.com