BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.
A Maryland federal district court ruled Thursday that an insurer must indemnify a screen-printing business under its businessowner’s policy for costs incurred in a ransomware attack.
Owings Mills, Maryland-based National Ink & Stitch LLC had a businessowners’ insurance policy with Columbus, Ohio-based State Auto Property and Casualty Insurance Co. between March 2016 and March 2017, according to Thursday’s ruling by the U.S. District Court in Baltimore in National Ink and Stitch, LLC v. State Auto Property and Casualty Insurance Co.
The company stores art, logos and designs for its business on its computer server as well as graphic arts, shop management, embroidery and webstore management software, according to the ruling.
In December 2016, the company’s computer server and networked computers experienced a ransomware attack, which prevented it from accessing all of its art files and other data contained on the server, and all its software, except for the embroidery software, according to the ruling.
Although the company made the requested bitcoin payment, the attacker demanded further payment and refused to release the software and data. National Ink hired a security company to replace and reinstall this software and install protective software on its computer system.
In the end, although its computer still functioned, the protective software’s installation slowed the system and resulted in an efficiency loss, the ruling said.
Furthermore, the art files formerly stored on the server cannot be accessed, and the firm either has, or will have to, recreate them, according to the ruling.
Experts testified also that there are likely dormant remnants of the ransomware still present, which could re-infect the entire system. To eliminate the risks, the options would be to wipe the entire system and reinstall all of the stored information or to purchase an entirely new server and components.
The company filed suit after State Auto refused to pay National Ink’s claim in the matter.
“State Auto contends that because Plaintiff only lost data, an intangible asset, and could still use its computer system to operate its business, it did not experience ‘direct physical loss’ as covered by the policy,” the ruling said.
“Plaintiff counters that the Policy’s language contemplates computer data and software to be property subject to ‘direct physical loss’ ... and that its computer system itself sustained damage, in the form of impaired functioning.”
The ruling said, “the plain language of the Policy contemplates that data and software are covered and can experience ‘direct physical loss or damage.’”
“In addition to Plaintiff’s data and software constituting covered property under the Policy’s terms, Plaintiff has also demonstrated damage to the computer system itself, despite its residual ability to function,” it said.
“State Auto seems to equate ‘physical loss or damage’ to Plaintiff’s computer system to require an utter inability to function. The Policy language, and the relevant case law, impose no such prerequisite,” the ruling said, in granting summary judgment to National Ink in the case.
Attorneys in the case could not be reached for comment.
On Wednesday, a Kansas federal district court said State Auto is obligated to defend a printing services company under the “personal and advertising injury” provision of its commercial general liability insurance policy because the company allegedly disparaged another company’s product.