Two major events last week made clear the dangers faced by any business that stores important personal information about its customers, as well as its own employees, on a computer system. Late last week Anthem Insurance disclosed that its computer system had been hacked and the names, addresses, birth dates, social security numbers, and other information of over 80 million customers and employees had been obtained by the hackers. Since Anthem Insurance owns Blue Cross and Blue Shield of Georgia, it is probable that many Georgia residents were included in the group of people whose personal information was obtained by the hackers. (Click here for a news release published today by the Insurance Commissioner’s Office that provides more information on the situation and recommends actions that Georgia residents can take to protect themselves.)
Although it appears that no credit card or health related information of those persons was obtained, what hackers can do with the personal information that was obtained was demonstrated by Intuit’s announcement the next day that it was suspending the electronic filing of state income tax returns by users of its Turbo Tax software. The suspension was done in response to reports of many fraudulent tax returns being filed electronically by persons who had obtained the name, address, and social security number of legitimate taxpayers. The Georgia Department of Revenue has confirmed its receipt of such returns and announced that it will increase its scrutiny of tax returns filed using Turbo Tax’s software, which will lead to a delay in their acceptance.
All businesses are at risk of a cyber attack and the increasing frequency of reports of successful attacks has led many industry observers to state that cyber liability insurance will be one of the hottest growth areas in 2015. The recent announcements by Nationwide Insurance that it will begin offering endorsements for cyber liability risks and Liberty Mutual Insurance that it will begin offering cyber liability coverage for small businesses is evidence of that fact. When cyber liability insurance first became available, I checked into it for my law firm, but the conditions that had to be met before a policy would be issued were such that it was not economically feasible for my firm. Those conditions have now been relaxed considerably, to the point that businesses with no more than a firewall and anti-virus software can obtain coverage. Of course, the premium charged for such businesses will be higher, but based on my conversations with company representatives at a recent insurance industry event I attended the premium would still make sense for a small business given the protection provided.
The increased awareness of the need for some protection in the event of a data breach should make many business owners more receptive to a solicitation from agents for such coverage. That awareness also gives agents an opportunity to “add value” to their services by providing advice about what can be done to reduce the possibility of a data breach and what to do if one occurs. Click here for an article that discusses ten tips to help businesses both prevent and prepare for such an event. There are many other sources for such information that can be easily found on the internet (click here for one). Don’t miss out on this opportunity to round out your commercial business accounts and give your customers, old and new, one more reason to consider you a trusted advisor.