DSW Entitled to $6.8M in Data Breach Involving 1.4M Cards
A 2005 data breach that exposed transaction information from 1.4 million credit cards entitles DSW Designer Shoe Warehouse to $6.8 million in insurance coverage, according to a recent federal appellate court ruling. The award was made despite the fact that the retailer had not suffered losses directly attributable to the theft.
The insurance company, National Union, a unit of New York-based Chartis, had alleged in part that it was not obligated to provide coverage because DSW "had not sustained loss 'resulting directly from' the theft of the computer information," making it an uncovered "indirect loss."
However, a unanimous opinion by a three-judge panel of the 6th U.S. Circuit Court of Appeals disagreed, upholding a lower court's ruling: "Despite defendant's arguments to the contrary, we find that the phrase 'resulting directly from' does not unambiguously limit coverage to loss resulting 'solely' or 'immediately' from the theft itself," according to the opinion.
In addition, a policy endorsement "provided coverage for loss that the insured sustained 'resulting from' the 'theft of any insured property by computer fraud' which includes the 'wrongful conversion of assets under the direct or indirect control of a computer system by means of fraudulent accessing of such computer system.'"
For related content: DSW Enhances IT Systems
Lessons We Should Have Learned from the Zappos Data Breach
Global Payments Data Breach Exposes 1.5M Consumers' Card Info
The insurance company, National Union, a unit of New York-based Chartis, had alleged in part that it was not obligated to provide coverage because DSW "had not sustained loss 'resulting directly from' the theft of the computer information," making it an uncovered "indirect loss."
However, a unanimous opinion by a three-judge panel of the 6th U.S. Circuit Court of Appeals disagreed, upholding a lower court's ruling: "Despite defendant's arguments to the contrary, we find that the phrase 'resulting directly from' does not unambiguously limit coverage to loss resulting 'solely' or 'immediately' from the theft itself," according to the opinion.
In addition, a policy endorsement "provided coverage for loss that the insured sustained 'resulting from' the 'theft of any insured property by computer fraud' which includes the 'wrongful conversion of assets under the direct or indirect control of a computer system by means of fraudulent accessing of such computer system.'"
For related content: DSW Enhances IT Systems
Lessons We Should Have Learned from the Zappos Data Breach
Global Payments Data Breach Exposes 1.5M Consumers' Card Info