Unauthorised modification refers to the alteration, deletion, or corruption of data or systems without proper authority, including malware installation, configuration changes, or data tampering. This may trigger coverage under a cyber policy when changes are made by hackers, malicious insiders, or malware—such as ransomware encrypting files, attackers deleting databases, or viruses corrupting system files. Insurance coverage typically includes costs for forensic analysis to determine what was changed, data validation and restoration, system rebuilding, and potential third-party claims if customer data was altered. However, coverage often depends on having proper change controls in place; insurers may expect businesses to maintain baseline configurations and audit logs showing what should and shouldn't change. Without evidence of normal system states, proving unauthorised modification becomes difficult. Common examples include website defacement, database manipulation, or malware altering security settings. Maintaining system backups and change logs strengthens both security posture and the ability to substantiate insurance claims.
.webp)
.svg)
