AXIS Cyber
Retail Case Study
THE CUSTOMER
A global retail operator selling online via multiple brands across numerous territories.
THE INCIDENT
The retailer discovered that several of its websites in various countries had been compromised. The threat actors had gained access to their self-hosted back-end systems, and stole their customers’ personal information before encrypting them—and stole their customers’ personal information before encrypting it and locking them out of their network.
AXIS RESPONSE
The incident was identified and reported to AXIS Cyber Incident Commander who suggested immediate actions the retailer could take to preserve evidence and prepare for an investigation before a panel of cyber experts were quickly assembled including:
- Privacy counsel, to offer guidance on the firm’s regulatory obligations surrounding data incidents
- Forensic investigators, to identify how the incident had occurred and the extent of the incident
- A restoration team, to help bring their computer systems back to their original functioning state
- A PR firm, to help the customer prepare for any adverse publicity
With the panel in place, AXIS convened an initial planning call to determine next steps and ensure an effective response was formulated.
THE OUTCOME
The Forensics and Restoration team immediately got to work with the retailer’s IT team to repair the network while simultaneously determining how the attacker was able to get onto their systems so it could be prevented in the future. With data being stolen, the privacy team was able to assist the retailer with legal obligations in their jurisdiction. Due to the amount of data involved, AXIS provided the retailer with access to notification and data subject services to help them communicate with affected customers. Services like credit monitoring were offered to the victim’s downstream customers for free. The speed of the response meant the problem was quickly contained and the customer acknowledged that, without AXIS, they would not have been able to handle the incident themselves.
"The AXIS Incident Commander was essential in supporting the customer through those vital first few hours when the impact of the cyber incident was being assessed and the customer was at their most vulnerable"
Nicholas P.R. Steinmann Incident Commander
KEY CYBER COVERAGES TO CONSIDER
Typical for this type of risk would be to include:
- Forensic and legal expenses
- Public relations expenses
- Notification and credit monitoring expenses
ABOUT THE INCIDENT COMMANDER
Incident Commander is a complimentary rapid triage and support resource for primary cyber insurance policyholders that will help them to navigate a cyber incident.
Phone: 1-844-IC4-AXIS (1-844-424-2947)
Email: IC@axiscapital.com
Claims examples may be based on actual cases, composites of actual cases or hypothetical claim scenarios and are provided for illustrative purposes only. Facts have been changed to protect the confidentiality of the parties. Whether or to what extent a particular loss is covered depends on the facts and circumstances of the loss, the terms and conditions of the policy as issued and applicable law.
This material is provided for informational purposes only and is not an offer to sell, or a solicitation to buy, any particular insurance product or service for a particular insured. It is intended for licensed insurance professionals. The services and service provider discussed in this document are suggested as risk mitigation and incident response resources. Use of AXIS Incident Commander does not constitute advice of any kind, and use of any service provider does not guarantee the performance or quality of the services provided, including the avoidance of loss, the fulfilment of any obligations under any contract or compliance with any law, rule or regulation. AXIS is not responsible for the effectiveness of a cyber risk management program and encourages each policyholder, together with advice from their professional insurance advisor, to perform its own independent evaluation of any service provider as part of its overall risk management strategy.
