Historically, companies have been primarily concerned about a data breach or the loss of consumer confidential information. While this remains a prominent exposure for many industries, the title and real estate industries are dealing with an entirely elevated and sophisticated type of cyber crime. Even as awareness has spread across the industry, wire fraud is still a significant threat. You, your employees, and your customers are all susceptible to this type of cyber crime.

If you are thinking to yourself, “this must be covered by one of my insurance policies,” you shouldn’t be so sure. More often than not, title agents are left holding the bag, even when they thought they secured proper coverage. We’ve heard many horror stories involving title agencies that have insurance policies for E&O, Crime and Cyber Liability, all of which excluded wire fraud claims. If you’re a victim of one of these crimes, you deserve to be covered!

CLAIM EXAMPLES

Rerouting wires

After a phone conversation, an escrow agent sent password protected wire transfer instructions via email to another closing agent. The closing agent received the email and then received revised wire transfer instructions in a follow-up email (not password protected) that appeared to be from the escrow agent. The closing agent wired the closing funds to the account noted in the second email. The funds have been lost.

Ransomware & denial of service attacks

A title agent’s computer system was hacked and infiltrated with Ransomware. The hackers would not allow the agency into their system until they wired them $50,000. Computer systems were inaccessible for 48 hours and regular business services could not be performed.

Viruses/direct theft of funds

An escrow company fell victim to the Zeus virus, and lost a significant sum of money from one of its escrow accounts. According to reports and the actual lawsuit, hackers used the Zeus virus to steal the escrow company’s online banking access information, and wired $440,000 out of the escrow account to a foreign bank account. The escrow company had to scramble to cover the stolen escrow monies, and is now suing its bank for the amount lost. Particularly worrisome is the Zeus virus itself, which cannot be detected by most anti-virus software.

WHAT IS A CYBER LIABILITY POLICY?

Protection from cyber and technology risks, such as:

  • loss or inadvertent disclosure of confidential private information, such as clients’ or employees’ social security numbers, bank account numbers or credit card numbers
  • computer virus or hacking resulting in damage / disruption to your computer systems, or theft of private information
  • social engineering scams resulting in the loss of money

What can it cover?

  • Claims made against you by employees or clients
  • Regulatory proceedings, fines and penalties relating to privacy laws
  • Your expenses to address a breach, such as:
  • costs to notify affected individuals, or provide credit monitoring
  • costs to identify and address the cause of the breach
  • public relations or media costs
  • Direct loss of funds (this coverage is extremely rare and often sub-limited)

Who needs it?

Anyone who collects or stores private information or has a fiduciary responsibility to their clients! Most businesses require confidential information from clients in order to provide services; real estate professions are no different. The use of technology has made us more efficient, but it has also increased the challenge of protecting private information from accidental or malicious actions. More and more often we are seeing claims involving the direct loss of money. These claims can be just as, or much more, expensive as a privacy related security breach.

Who should buy it?

Everyone who conducts business! Regardless of the amount of time you dedicate to security, or the sophistication of controls, data breaches continue to occur at an alarming rate. Additionally, hackers are increasingly targeting small businesses that may not have sophisticated security measures in place. The average cost of a data breach is $201* per customer record compromised. Privacy & Security policies cover your direct costs to address a breach, plus legal expenses and settlements if you are sued.

*according to The Ponemon Institute’s 2014 annual study. The Ponemon Institute is an industry leader conducting independent research on privacy, data protection and information security. Visit www.ponemon.org for more details.