“At the end of the day, it really boils down to a business decision on the insurance side of things: them looking at how much is it going to cost to fix it ourselves and how much is it going to cost to pay the ransom.”
As insurance companies have approved six- and seven-figure ransom payments over the past year, criminals’ demands have climbed.
Still, many public agencies are delighted to have their insurers cover ransoms, especially when the ransomware has also encrypted backup files.
Not all cyber insurance policies cover ransom payments.
After a ransomware attack on Jackson County, Georgia, last March, the county billed insurance for credit monitoring services and an attorney but had to pay the ransom of about $400,000, County Manager Kevin Poe said.
The proliferation of cyber insurers willing to accommodate ransom demands has fostered an industry of data recovery and incident response firms that insurers hire to investigate attacks and negotiate with and pay hackers.
New York-based Flashpoint also pays ransoms for insurance companies.
Over the past year, unknown attackers using the Ryuk strain have besieged small municipalities and technology and logistics companies, demanding ransoms up to $5 million, according to the FBI. Shortly after realizing it had been attacked, Lake City contacted the Florida League of Cities, which provides insurance for more than 550 public entities in the state.
The orginal article.
Erie Insurance, one of the nation’s largest auto insurers, had not only provided the cops with evidence against its own loyal customer – it had actively worked with them to try to convict him of insurance fraud.
Insurance companies provide financial incentives to scores of police departments, prosecutors, and other public agencies to encourage them to focus on insurance fraud, a crime that has traditionally not been a priority for local law enforcement.
These efforts to fight phony claims have netted insurers at least a sevenfold return on investment since the ’90s, according to the Coalition Against Insurance Fraud, a nonprofit that receives most of its funding from insurance companies.
Insurance company officials make up the majority of the authority’s board, which last year doled out $14 million in targeted grants to fund the work of roughly 100 prosecutors, investigators, and support staffers across the state dedicated exclusively to rooting out insurance fraud.
Those law enforcement officials collected $5.6 million in restitution from people accused of insurance fraud in 2018, money that went back to the insurance companies.
His salary of $93,549, as well as those of the police officers assigned to work on insurance fraud, was entirely covered by grants from the Pennsylvania Insurance Fraud Prevention Authority.
Three years later, the Coalition Against Insurance Fraud, a group composed of insurance companies, consumer groups, and other stakeholders, helped craft model legislation that guaranteed companies broad immunity from any customer who wished to sue for being wrongly accused of fraud.
NICB agents help vet thousands of suspected fraud reports shared by insurance companies, embed in task forces with the FBI, and help craft threatening letters to customers suspected of fraud on behalf of state insurance regulators.
The orginal article.
Nothing is more discouraging than the ransoms that are paid out by insurance firms as part of a cyber insurance policy.
It’s bad enough when victims of ransomware make these payments themselves-it encourages more ransomware by funding the criminals in their ongoing pursuits.
When those payments come from their insurance carriers, the victims become so insulated from those costs, so used to paying for their insurance policies as a regular risk management expense, that ransomware becomes even more accepted and legitimized as a routine cost of doing business.
Several major insurance companies explicitly offer coverage for online extortion payments in their cyber policies, and those demanded payouts have been gradually increasing.
While few organizations publicize it when they use insurance to make these payments, cyber insurance can also cover several other types of costs related to ransomware attacks, including the costs of restoring or replacing affected systems.
Ideally, the insurance firms might even serve as the centralized, powerful intermediaries that have the data and reach to implement better protections against ransomware across their customer base, in a similar vein to what Mastercard and Visa do for payment card fraud.
That’s how all insurance works, in some sense-individuals and organizations pay over the same amount of money they might have spent on a large-scale disastrous event to an insurance company in increments, and that way, when the event actually happens, be it an earthquake, a cancer diagnosis, or a ransomware attack, the victim is not on the line to come up with the entire sum at that moment.
Buying insurance to replace infected computers or notify breach victims or pay lawyers in the event of a security incident is a very different thing from buying insurance to pay off criminals directly.
The orginal article.
Having one claim unrelated to a widespread catastrophe within the past three years on your record can knock you out of the running for many insurers; two claims in that time frame make it nearly impossible to switch, says Spencer Houldin, president of Ericson Insurance Advisors, in Washington Depot, Conn. File multiple claims and you risk having your current insurer drop you when your policy comes up for renewal.
Save Without Switching If you’re happy with your current insurer, there are ways to trim your premium without switching to a new company.
Raising your deductible from $500 to $1,000 often cuts your premium by up to 15%. Ask your agent or insurer if you are getting every discount you are eligible for.
Bundling your auto and home policies with the same insurer is usually a good way to save about 15% – and sometimes more.
Shop the policies separately as well, because sometimes a company will offer a lower rate on home than on auto, or vice versa, and the difference will outweigh the credit you get by bundling, says Cheryl Crews, director of operations at Turner & Associates Insurance, in Brunswick, Ga. Inflation guards are typically built into insurance policies, meaning your dwelling limit will inch up about 2% to 4% each year to keep pace with building costs.
“If you have two unexpected claims in one year after being claims-free for 10 years, the insurer will be a lot more lenient and likely to keep you as a client,” says Melanie Loiselle-Mongeon, vice president of Loiselle Insurance Agency, in Pawtucket, R.I. And if you have “Guaranteed replacement cost” coverage with your current insurer, you may not be able to replicate it with another company.
Even if you’ve made claims within the past three years, you may be able to lower your premium with some insurers.
The National Association of Insurance Commissioners’ A Shopping Tool for Homeowners Insurance contains a comparison worksheet and questions to guide conversations with your insurer or agent.
The orginal article.
Recent news that life insurers are now subject to a mild setback in the process for determining premiums might have been cheering if it didn’t come with a revelation that the actuaries of the world might be studying your Instagram feed.
Movies and mystery books portray life insurers beset by all sorts of exciting schemes, many devised by murderous spouses; insurance programs are broadly the targets of faked injuries, arson, and in-house theft, all of which merit the attentive investigation of policy-holders.
The larger affront is the idea of digital life carrying any actuarial influence at all.
Consider an influencer type, jogging with her well-groomed dog and wearing a piece of branded athleisure cropped up to show her yoga abs: Should her life, to an insurance giant, be worth more than yours?
The Department of Financial Services’ circular letter follows an eighteen-month investigation into life insurers’ information-gathering practices.
If insurers can prove that Insta-jogging correlates to a long life and few costly medical visits, it’s fair game for them to factor in.
Not only does this have the potential to squeeze daily digital life into a performance of health and virtue for any man, woman, or robot who might be observing but it also encourages disingenuous performances, in pursuit of cheaper premiums.
Beyond practicing self-restraint in skydiving, the Journal’s suggestions for staying on your life insurer’s good side included strategies for mastering your data trail.
The orginal article.
In an era when drug prices have ignited public outrage and insurers are requiring consumers to shoulder more of the costs, people are shocked to discover they can sometimes get better deals than their own insurers.
Pharmacy benefit managers, the companies that deal with drug benefits on behalf of insurers, often do negotiate better prices for consumers, particularly for brand-name medications, Mr. Rea said, but that’s not necessarily true for some generic drugs.
So when insurers seek deals for generic drugs, they do so in batches, reaching agreements for groups of different drugs rather than getting the lowest price on every drug.
In one case, a customer whose plan was managed by CVS Caremark, the drug benefit manager, would have had to pay more for a drug through her plan at a CVS than what she ended up paying at the same store, with a coupon from GoodRx.
Drug-discount cards have been around for decades, and retailers like Walmart have also offered cheap generic drug programs, but both were mainly used by people without insurance.
Reporters at ProPublica and The New York Times examined whether they could get better prices on 100 of the most prescribed drugs, identified by GoodRx, without using their insurance.
MedImpact has not yet formally responded to the allegations in federal court in New York.GoodRx, a private company founded in 2010, displays the deals it has with nine pharmacy benefit managers, each offering different prices for different drugs.
If those prescriptions are filled without an insurance card, pharmacy systems may not catch dangerous drug interactions.
The orginal article.