Business Insurance

Cyber insurance warning as Lloyd’s of London investigates possible attack

Insurance market Lloyd's of London feared it was the victim of a possible cyber attack. What happened... and could this happen to you?

Lloyd's of London acted swiftly after detecting unusual activity on its network on October 5.

It said it shut down "external-facing systems as a precautionary measure", reset the network and assembled a team to carry out investigations.

The company, which provides a market for financial backers to spread risk, has been involved in implementing sanctions against Russia in response to its invasion of Ukraine, making it a potential target for attacks.

When it first discovered the potential breach, a Lloyd's spokesperson said: "Lloyd’s has detected unusual activity on its network and we are investigating the issue.

"We have informed market participants and relevant parties, and we will provide more information once our investigations have concluded."

In an update on Monday, October 10, Lloyd's said its investigations had concluded and found no evidence of data compromise. It said it would restore network services.

However, the threat will still come as a warning for any business that operates online - proving anyone can be the victim of a cyber attack, and showing how to respond.

The fast action by Lloyd's was in keeping with industry leaders and would mitigate risk had there been a breach of security, one expert said.

Chester Wisniewski, principal research scientist at Sophos, told Cybersecurity Drive Lloyd's quick reaction showed it had a "pretty mature security programme".

It also gave the impression that Lloyd's was working proactively rather than in reaction to a breach.

He added: “Companies that aren’t prepared don’t know what’s happening until it’s already happened and generally are in reaction mode.”

Indeed cyber protection is becoming increasingly important as businesses move online and hold sensitive information digitally.

Cyber insurance is essential for any business taking payments online or holding customers' personal data, Erin Yurday, CEO and co-founder of NimbleFins said.

It can also be useful for any business that operates on a network and depends on computers and the internet to carry out its work, Ms Yurday added.

She said: "This potential security breach should serve as a warning that anyone can be the victim of a cyber attack.

"If hackers had gained access they could hold the company to ransom, steal sensitive information and even potentially uncover confidential details about Lloyd's of London's clients. "Without insurance to cover, a victim of an attack may have to pay for external investigators, contingency plans, communication to customers, and also absorb any losses from being unable to trade.

"The cost of cyber insurance is a drop in the ocean when comparing it to the potential losses from an attack."

We’ve created a guide with the steps to follow if your business is the victim of a cyber attack.

Erin Yurday

Erin Yurday is the Founder and Editor of NimbleFins. Prior to NimbleFins, she worked as an investment professional and as the finance expert in Stanford University's Graduate School of Business case writing team. Read more on LinkedIn.