CyberSecurityBoard
Sponsor Register Login

Merck Settles With Insurers Over $700m NotPetya Claim

Merck has finally reached a settlement with its insurers after they had refused to pay out following the NotPetya campaign due to a cyber-warfare policy exclusion.
The pharmaceuticals giant claimed it was entitled to around $700m from its carriers after the 2017 attacks, which are believed to have infected tens of thousands of its machines with destructive malware disguised as ransomware.
According to Bloomberg Law, the settlement last week came just before the start of oral arguments in a New Jersey Supreme Court review of the dispute.
Whether state-backed cyber-campaigns like NotPetya can be described as acts of war is a matter hotly contested by legal scholars.
Confectionary giant Mondelez settled with insurance provider Zurick back in 2022 after the latter denied it a $100m payout following NotPetya on similar grounds.
In the meantime, the insurance sector has been scrambling to add clarity to policies when it comes to cyber-related risk.
It's believed that NotPetya caused $1.4bn in losses at Merck.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 08 Jan 2024 10:30:09 +0000


Cyber News related to Merck Settles With Insurers Over $700m NotPetya Claim

Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved - A legal definition of cyberwar and its relationship with kinetic war has been avoided by a settlement between Merck and its insurers over damage caused by NotPetya. Merck had lodged an insurance claim for $1.4 billion for damage caused by the ...
6 months ago Securityweek.com
War or Cost of Doing Business? Cyber Insurers Hashing Out Exclusions - Drugmaker Merck's long legal battle with its insurance companies over the damages caused to its business by the NotPetya wiper worm ended last week when the company settled with a bevy of insurance companies that had refused to pay $699 million of ...
5 months ago Darkreading.com
Merck Settles With Insurers Over $700m NotPetya Claim - Merck has finally reached a settlement with its insurers after they had refused to pay out following the NotPetya campaign due to a cyber-warfare policy exclusion. The pharmaceuticals giant claimed it was entitled to around $700m from its carriers ...
5 months ago Infosecurity-magazine.com
Merck settles with insurers who denied $700 million NotPetya claim - Pharmaceutical giant Merck has reportedly reached a settlement with insurers over their refusals to cover losses stemming from the NotPetya cyberattack in 2017. In early 2022, a New Jersey court ruled that the warfare exemption did not apply to the ...
6 months ago Therecord.media
Why CISOs Need to Make Cyber Insurers Their Partners - Organizations may perceive the lengthy and involved process, paired with rising premiums, as insurance companies taking advantage of them. Insurance companies are struggling to balance soaring loss ratios that were particularly rampant a couple years ...
6 months ago Darkreading.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
Takeaways from Cisco at InsureTech Connect 2023 - InsureTech Connect 2023, the premier conference for the insurance technology industry, brought together 9,000+ innovators, leaders, and solution providers to Las Vegas in early November to explore the latest trends, technologies, and disruptions in ...
7 months ago Feedpress.me
Avoid high cyber insurance costs by improving Active Directory security - Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and ...
3 months ago Bleepingcomputer.com
London Calling: Hey, US, Let's Chat About Cyber AI - Globally, the estimated cost of recovering from the impact of the WannaCry attack is between $4 billion and $8 billion. Not long after the WannaCry attack, businesses and governments around the world were impacted by a similar, more devastating, ...
5 months ago Securityboulevard.com
Essential Tips for Claiming Cyber Insurance Coverage - In an era dominated by digital transactions and interconnected networks, the importance of cyber insurance cannot be overstated. Cybersecurity threats loom large, making it crucial for businesses to not only invest in robust preventive measures but ...
6 months ago Cybersecurity-insiders.com
Merck settles with insurers regarding a $1.4 billion claim - We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience ...
6 months ago Securityaffairs.com
Meet Your New Cybersecurity Auditor: Your Insurer - As businesses deal with the fallout of massive ransomware waves, from Lapsus$ to Cl0p/MOVEit, an unlikely new entity is joining the regulatory bodies to raise the bar for cybersecurity: the cyber insurer. Their coverage requirements and ...
7 months ago Darkreading.com
Google To Pay $700m To Consumers In US Antitrust Settlement - Google agrees to pay $700m to US consumers in antitrust settlement with users and states as Epic presses to 'open Android ecosystem'. Google is to pay $700 million and allow more competition in its Play app store as part of an antitrust settlement ...
6 months ago Silicon.co.uk
Cyber Insurers Warn Catastrophic Hacks Will Require Government Help - A cyberattack that disrupts everyday life in the U.S. will likely cost more than the insurance industry can afford to cover, requiring government intervention, insurers and brokers said. The idea of a federal backstop to help insurers cope in the ...
7 months ago Wsj.com
Top 3 Priorities for CISOs in 2024 - As the new year begins, CISOs gather with their security teams and corporate management to scope out top priorities for 2024 and how to address these issues. This year - with a multitude of new privacy laws, Securities and Exchange Commission ...
5 months ago Darkreading.com
Superconductor Claim 'Baseless' Experts - 'Breakthrough' claim by South Korean researchers of a room-temperature superconductor dismissed by reviewing experts. Doubts about a breakthrough claim earlier this year by a group of South Korean researchers appear to be justified, after experts ...
6 months ago Silicon.co.uk
The Evolution of Ransomware 4 Types of Cyber Threats in 2023 - Security professionals and CISOs have been protecting their organizations from ransomware for a long time, adapting to changes in technology to protect against the risks of stolen data or disruptions to important systems. Cybercriminals are always ...
1 year ago Trendmicro.com
How Swiftslicer Malware Wiper is Affecting Ukrainian Companies - Recent reports have revealed the emergence of Swiftslicer, a destructive wiper malware, in Ukraine. This malware targets computer networks in order to cause wide-spread data loss, disrupting operations of its victims. This development is especially ...
1 year ago Welivesecurity.com
Definition from TechTarget - Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems. They're identified as nation-state attackers, and they've been accused of attacking the IT ...
6 months ago Techtarget.com
CVE-2019-20437 - An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. When a custom claim dialect with an XSS payload is configured in the identity provider basic claim configuration, that payload gets ...
1 year ago
CVE-2023-22482 - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions of Argo CD starting with v1.8.2 and prior to 2.3.13, 2.4.19, 2.5.6, and 2.6.0-rc-3 are vulnerable to an improper authorization bug causing the API to accept certain ...
1 year ago
CVE of the month, the supply chain attack hidden for 10 years CVE-2024-38368 - CVE-2024-38368 is a vulnerability that affects the open-source supply chain of iOS and MacOS applications. CocoaPod is a dependency manager for Swift and Objective-C, essentially it is the NPM, RubyGems or PyPi equivalent of Swift and Objective-C. ...
4 days ago Securityboulevard.com
Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks - Critical vulnerabilities in the CocoaPods dependency manager could have allowed threat actors to take over thousands of orphaned packages, execute shell commands, and take over accounts, potentially impacting millions of iOS and macOS applications, ...
5 days ago Securityweek.com
Apple Settles Lawsuit iTunes Gift Card Scam - Agreement reached with Apple to settle a lawsuit that alleged it knowingly let scammers exploit iTunes gift cards, and kept stolen funds. Apple in the new year has sought to rid itself of another legal claim, after it reportedly agreed to settle a ...
6 months ago Silicon.co.uk
Does Pentesting Actually Save You Money On Cyber Insurance Premiums? - Way back in the cyber dark ages of the early 1990s as many households were buying their first candy-colored Macintoshes and using them to play Oregon Trail and visit AOL chat rooms, many businesses started venturing into the digital realm as well by ...
6 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)