Slashdot Mirror
Sony Insurer Suing To Deny Data Breach Coverage
idontgno writes "It keeps getting better and better for Sony and its business units. Reuters reports that Sony's insurer, Zurich American, is suing to avoid paying out on Sony's legal liability which may arise from its spectacular online security breaches a few months ago."
I was just thinking to myself, what this story needs is some more lawyers.
... the worst ever handled online security breach, here comes the plain-text captcha: http://pro.sony.com/bbsc/jsp/forms/generateCaptcha.jsp
Yes, you heard well. The catpcha is not an image, but HTML text with CSS to distort the text style! That is how things must be done in Sony, that explains SO MUCH!
The headline is not surprising at all, IMHO.
If Sony's issues were due to their own negligence in securing their network, why should the insurance company have to pay? If I'm driving drunk my insurance company isn't going to cover my car when I get into an accident, so why the hell should an insurance company cover this?
If Sony was a person this wouldn't even be a question...
This makes me respect the attacks on Sony all the more. The attacks on Sony did more damage than the temporary breeches and outages. Those can be forgotten in a short time. But when insurance coverage is being denied, real and long-lasting damage has indeed occurred.
An insurance company will often deny coverage to parties who are risky. If a party engages in behavior that, for example, makes them a target of angry people, they are a higher risk. Sony has made many, many parties angry and in this case, they made themselves target. What's more, they failed to improve security at any site or location that bears the Sony brand. This makes them more than risky, it makes them negligent.
I only wish "arrogance" were enough cause to raise insurance rates... but then again, insurance companies would all be uninsurable.