SecurityWeek reports that Merck and its insurers have reached a settlement for a $1.4 billion insurance claim filed by the U.S. multinational pharmaceutical firm under its "all-risks" coverage for the destructive NotPetya cyberattack in 2017.
Such a settlement, the terms of which were not disclosed, comes after Merck received the upper hand in court decisions handed over in 2022 and 2023.
While Merck, which did not have cyber insurance during the NotPetya attack, was noted by insurers to not have been covered as the damage brought upon by the incident was excluded under the war exclusion clause, such clause was found by New Jersey Superior Court Judge Thomas Walsh to not apply for the specific intrusion. Walsh's decision was later upheld by the New Jersey appellate when the insurers appealed.
"Pharmaceutical giant Merck & Co. Inc. struck an 11th-hour settlement with insurers Wednesday, evading a New Jersey Supreme Court review of its massive cyberattack insurance dispute on the eve of an oral argument that could have set a national precedent impacting the booming cyber insurance market," said Bloomberg Law.
It’s more challenging for organizations to get cybersecurity insurance, and when they do manage to get insured the premiums are steep. It also turns out that not all policies cover ransomware, the leading cause of cyber insurance claims.
Declining cyberinsurance provider exposures and organizations' failure to examine the fine print of their policies have been fueling growing disparities in cyberinsurance coverage, according to SiliconAngle.
SiliconAngle reports that cyber insurance and breach prevention tech provider Resilience Cyber Insurance Solutions has landed a $100 million investment from a Series D funding round, which would be allocated toward the startup's international expansion and customer growth.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news