Information exposures are difficult to control and are subject to many different types of loss events. And even with the best systems, controls and personnel, no retailer is immune to the risk. It only takes one small human error, a simple property crime, or one clever hacker, to compromise millions of customer records.
- significant exposure
- payment card industry
- class action lawsuits
- regulatory investigations
- third party coverage
- Why Beazley?
Retailers are prime targets for cyber criminals looking to exploit vulnerabilities through point of sale systems. Once such a breach occurs, compulsory data breach notification laws will ensure that the public knows about the event, posing a significant risk to the retailer’s reputation and brand. A study conducted by the Economist Intelligence Unit in April 2013 found that 38% of respondents affected by a data breach no longer did business with the organization concerned “because of the data breach,” and 46% said they had advised friends and family to be careful of sharing data with the organisation.
Commerce without credit and debit card payments is unimaginable. Whether at the point-of-sale, online, or through a call center, the retail industry processes a staggering volume of credit card transactions. A breach of credit card information, which the card brands frequently detect before the organization even suspects any foul play, can result in fines, penalties, mandated computer forensic costs, legal fees, and worst of all, the inability to process payments.
The publicity and customer dissatisfaction that surround a data breach have spurred a wave of class actions against retailers big and small. Enterprising plaintiffs’ lawyers relying on a variety of privacy laws have filed complaints seeking billions of dollars in damages. The risk of crippling damages, and the sizeable costs of litigation, often push organisations to settle even in the absence of any clear harm to the plaintiffs.
State and federal regulators have made it clear that a significant breach of customer information will result in monetary penalties, onerous corrective action plans, and on-going audits. Whether from the Federal Trade Commission or state attorneys general, the regulatory landscape for retailers carries an immense amount of risk.
In addition to covering your business, BBR also protects your partners though third party coverage. Third party coverage includes:
- Third party information security and privacy coverage with up to $15M in limits in addition to the breach response coverage
- Regulatory defense and penalties
- Website and offline media liability
- PCI fines, penalties and assessments
- Cyber extortion
- First party business interruption and data protection with limits up to $15 million.
Beazley, a leading insurer of technology and information security risks, has developed Beazley Breach Response (BBR), a solution to privacy breaches and information security exposures tailored to the needs of retailers. We pioneered the concept of data breach insurance that focuses first and foremost on response. BBR is a complete privacy breach response management and information security insurance solution which includes a range of services designed to help you respond to an actual or suspected data breach incident effectively, efficiently, and in compliance with the law.
Not if, but when. Any retail business handling customer data will, sooner or later, be confronted with the challenge of a data breach. It's not a matter of "if" but "when".
Breach response services
Claims Team Leader - Cyber & Tech
New York, NY, USA
+1 212 801 7170marcello.antonucci
Claims Focus Group Leader - International Cyber
+44 207 674 7748sandra.cole
Focus Group Leader - London Wholesale Middle Market, Cyber & Tec
+44 207 674 7816lucy.cantlay
Head of London Market Wholesale Cyber & Technology
+44 (0) 207 674 7589alec.cramsie
Head of London and International Underwriting Management, Cyber
+44 (0) 207 674 7812aidan.flynn
Focus Group Leader - International Cyber & Tech
0207 674 7739alessandro.lezzi