Your agency builds a plugin for a client’s website. A coding mistake exposes an admin page and the client’s database is accessed. The client claims your work caused their loss and demands you pay legal costs and damages.

Cover may include claim expenses and damages you are legally obligated to pay if a client alleges your tech services error caused loss.

Your ecommerce site is hit by a denial of service attack on a busy weekend. Customers cannot check out and your staff cannot access cloud systems. You lose sales and pay for extra IT help to restore service and keep orders moving.

Cover may include lost income and extra costs if your systems are interrupted by a covered incident, after the waiting period.

A laptop with customer records is stolen from a car. You later learn the files were accessed. You need forensic help, legal advice, customer notices and credit monitoring. A customer alleges you failed to protect their data.

Cover may include breach response costs (forensics, legal advice, notifications) and cyber liability insurance for claims from others.

A staff member clicks a fake invoice link. Ransomware encrypts your laptops and server and a note demands payment. You cannot access bookings, invoices or files for two days while experts help you contain the attack.

Cover may include cyber extortion expenses and breach response support to investigate, contain and recover, with insurer consent.

A competitor claims your app uses their patented feature and you copied their design. They sue for infringement and demand damages and an order to stop selling your software. You lodge a claim for the legal costs and payout.

IP infringement claims like patent or trade secret disputes are excluded. An exception may apply to some software copyright claims.

A storm knocks out the NBN in your area. Your phones and internet drop and your cloud POS cannot connect. You lose a day of sales and ask for business interruption cover, but there was no cyber attack on your provider.

Outages from third party utilities or telecoms are excluded, unless the provider’s downtime is directly caused by its own security failure.

A director secretly redirects customer payments to a personal account and hides it in the books. When it is discovered, customers demand refunds and you ask the policy to pay the loss, plus legal costs to defend the business.

Dishonest or fraudulent acts by, or known by, a senior executive are excluded. Defence costs may be paid until a final decision is confirmed.

Before you buy cyber insurance, you already know your customer portal has been hacked and data may be leaking, but you do not tell the insurer. Two weeks into the policy, customers complain and you lodge a claim for breach response costs and liability.

Incidents known or reasonably foreseeable by a senior executive before cover starts are excluded. Matters already notified elsewhere are too.