A Ransomware cyber attack that began last week has infected computers in about 150 countries around the world. The hackers include a message demanding a ransom, after encrypting information contained on the computer.
In addition to having a standard errors and omissions insurance policy, brokerages are increasingly being protected by a cyber liability policy, a type of coverage that more insurance companies are offering.
Suppose you’ve been hacked? The first thing an agent should do is inform her/his broker-owner about a breach. The broker has access to a hotline and a “breach coach,” a lawyer specializing in cyber events. A breach coach can confirm that all files can be restored using the system backup, and bring in a forensics expert to determine whether data has been compromised.
If it hasn’t, and the hacker hasn’t used the breach to access the intranet site of the larger real estate company the broker is affiliated with, it’s considered a small-scale extortion. Before the case is closed, the forensics expert works with the -broker’s technical staff to seal the system.
This type of minor breach, in which you’re locked out but no client data is compromised, could cost a brokerage $10,000 to resolve. But with cyber liability coverage, a brokerage would pay only a fraction of that—typically about 25 percent, depending on the level of protection obtained. With REALTOR Benefits® Program partner Victor O. Schinnerer & Co., base annual premiums start at about $750.
As covered recently in CVAR At A Glance, the Federal Trade Commission recently warned that the real estate industry, with its large sums of money changing hands, has become a tempting target for wire transfer fraud. In such a scheme, a hacker breaches the email of a consumer, real estate agent, lender, or title agent; follows the back-and-forth between parties; and then creates an official-looking email, directing the buyers to wire their down payment money to the criminal’s account. Warn your buyer clients to check the validity of any email that instructs them to transfer funds electronically. If they fall prey to such a scam, and a forensics investigation reveals it was your email that provided entry to the hacker, you could be subject to a liability claim.
Telephone toll fraud is also on the rise. This is where a hacker gains access to your brokerage’s internet-based phone system and reroutes your incoming and outgoing calls through a 900 number the hacker controls. You see nothing until your next phone bill arrives.
Small and medium-sized real estate companies are particularly vulnerable because they typically don’t have a full-time risk manager on staff. Yet every time an agent uses free Wi-Fi at a coffee shop to check email, your company faces potential exposure to a hacker. Even if you’re using a secured network at the office, you can open a door to your system if you click on a compromised link in an email.
If a hacker accesses your customers’ personal and financial data, that becomes a full-scale breach that would likely trigger state requirements on reporting and other remediation steps, and could even subject your business to fines and other repercussions at the federal level.
When shopping for a cyber liability policy, brokerages should look for:
- Plain-language contracts. It’s hard to decipher what’s covered, and what’s not, if you have to wade through page after page of cyber jargon.
- Breach liability coverage. Know what breaches are covered.
- Breach rectification coverage. Does the policy offer a hotline and a coach who’s qualified to help you manage the aftermath of a system compromise?
Anyone can fall victim to hacking. It’s smart to investigate liability options to keep your clients, your agents, and your company as safe as possible.
Source: Realtor magazine