The Insured’s director noticed that some documents on their server had been deleted. Further investigations were undertaken and it was discovered a hacker had been accessing the Insured’s system for the past 2 months.
The Insured notified the insurer who hired an IT Forensic Consultant to review the Insured’s systems. It was discovered 800 client files had been accessed which included private details such as driver’s licenses and passport numbers. The insurer appointed a specialist firm to monitor whether any client identities were stolen or sold as well as a law firm to advise on the data breach issues and draft a notification letter to all affected parties. It was determined that the Insured had to report the incident to the Privacy Commissioner and the appropriate steps were taken to secure the information they held. Remediation costs were also covered to rectify any issues with the Insured’s system.