Hacked Company Loses Insurance Battle Over Customer Payment Scam

The information on this website is general in nature and does not take into account your objectives, financial situation, or needs. Consider seeking personal advice from a licensed adviser before acting on any information.

The company, holding a management liability insurance policy, sought to claim under its third-party crime coverage to recover the outstanding bills from the customers. However, AIG Australia denied the claim, stating that the policy only addressed "direct financial loss" from theft or fraud by a third party, and argued that since the stolen money belonged to customers, the business itself did not suffer a direct loss.

The Australian Financial Complaints Authority (AFCA) reviewed the case and acknowledged the company's loss. However, it determined that the loss did not align with the policy's specific terms. The ruling emphasized that only the company's customers faced direct financial loss, whereas the company experienced an indirect one due to subsequent non-payments.

The AFCA explained that the hack did not meet the company's policy definition of theft, as the stolen funds belonged to the customers, not the business. This discrepancy meant that the policy's electronic and computer crime coverage was not applicable. Additionally, the policy's criteria for "fraudulent act," which required acts of forgery or counterfeiting the insured had acted upon, were not met since the company was unaware of the false invoices.

This case highlights the critical distinction between direct and indirect financial losses in insurance claims, emphasizing the importance of understanding policy terms. For businesses, particularly those prone to cyber threats, it underscores the significance of having insurance coverage that appropriately addresses loss scenarios stemming from such events. It also serves as a cautionary tale of the complexities involved in recovering from cybercrime attacks without adequate protection.

Moving forward, businesses should ensure robust cybersecurity measures to prevent similar email hacks, coupled with clarifying insurance policies for adequate coverage against indirect financial losses as a result of customer fraud. This scenario may lead insurance providers to reevaluate their product offerings, potentially driving the development of more comprehensive cybercrime coverages. Additionally, the financial sector might witness increased discussions on how to formulate clearer policy definitions that align with the evolving nature of cyber threats.

Published:Tuesday, 11th Mar 2025
Author: Paige Estritori

Please Note: We do not endorse any specific products or companies. Some content is sourced from third parties, including press releases, and may not be independently verified for accuracy or completeness.

Share this news item:

Insurance News

Clear

IAG Enhances Coverage by Integrating RACQ Insurance into 2026 Reinsurance Program

19 May 2026: Paige Estritori

Insurance Australia Group (IAG) has successfully integrated RACQ Insurance into its 2026 catastrophe reinsurance program. This strategic move is designed to bolster the company's capacity to manage catastrophic events and provide enhanced coverage for Australian policyholders. - read more

Rising Legal Costs and Regulatory Hurdles Escalate Small Business Insurance Premiums

19 May 2026: Paige Estritori

Small businesses across Australia are grappling with a significant surge in insurance premiums, with rates escalating by up to 60% since 2019. The Insurance Council of Australia (ICA) attributes this sharp increase to outdated liability laws, escalating legal expenses, and cumbersome government regulations. - read more

Australian SMEs Face Escalating Risks from Intensifying Extreme Weather Events

19 May 2026: Paige Estritori

Australian small and medium-sized enterprises (SMEs) are increasingly vulnerable to the impacts of extreme weather events, with recent data indicating a significant rise in related insurance claims. According to BizCover, a leading insurance comparison site, the proportion of claims attributed to severe weather events escalated from 9.6% in the 2022-2023 financial year to 16.8% in 2024-2025. The average claim amount reached $39,000, with some claims exceeding $200,000. - read more

ACCC Halts IAG's Bid to Acquire RAC WA's Insurance Division

11 May 2026: Paige Estritori

The Australian Competition and Consumer Commission (ACCC) has recently opposed the proposed acquisition of RAC WA's insurance operations by Insurance Australia Group (IAG). This decision stems from concerns that the merger would significantly reduce competition within Western Australia's insurance sector, potentially leading to higher premiums and diminished service quality for consumers. - read more

Coalition Enhances Cyber Insurance Coverage Amid Rising Email Breaches

11 May 2026: Paige Estritori

In response to the escalating threat of email-based cyber attacks, insurance provider Coalition has announced an increase in its standard cyber crime coverage for Australian policyholders to $500,000. This enhancement aims to address the growing financial impact of cyber incidents, particularly those involving business email compromise (BEC) and fraudulent fund transfers (FTF). - read more

Click for more Insurance News