Reinsurance News

Marriott breach cyber industry loss could be up to $600m: AIR

18th December 2018 - Author: Steve Evans

The insurable loss from the recent major cyber hack and resulting data breach of one of the Marriott hotel chain’s reservation systems could rise to as much as $600 million, according to AIR Worldwide.

marriott-hotels-cyber-hack-breachAIR estimates that the insurable loss from the Marriott breach will be between $200 million and $600 million, a particularly wide range that highlights the uncertainty in these cyber risk losses.

AIR said that the loss estimate is based on the assumption that 500 million records of customer data were stolen in the breach, as Marriott reported.

The range reflects the uncertainty about the type of data that was stolen, such as whether credit card details that were encrypted could be unlocked as the encryption key itself may have been stolen as well. There is additional uncertainty, as some of these records may be duplicates, AIR noted.

The breach was announced on November 30th, leaving the insurance and reinsurance market expecting a sizeable cyber risk loss.

Property Claim Services (PCS) later designated the event under its PCS Global Cyber product, suggesting it would be sizeable enough to track.

Now, AIR’s first estimate of the insurable losses from this cyber hack show the loss certainly will be sizeable.

“AIR’s new probabilistic security breach model shows that this type of event is not unprecedented, even though an event of this magnitude hasn’t previously happened to a hotel chain,” Scott Stransky, assistant vice president and director of emerging risk modeling commented. “In fact, the largest recorded breach for a U.S.-based hotel chain prior to this event was less than 1/50 the size in terms of the number of records stolen. There are more than 300 simulated events in our model that cause higher losses for U.S.-based hotels.”

AIR notes that the financial impact to Marriott will be partially mitigated by its cyber insurance and other liability insurance coverage the hotel chain is reported to have, but which are not accounted for in this insurable loss estimate.

It’s important to note that this is not an industry loss estimate, rather an estimate of potential insurable losses.

But note, Marriott has a specific cyber insurance tower that provides at least $250 million, up to as much as $350 million, of affirmative cyber insurance cover and right now it appears unlikely the loss will reach much higher than that level, according to our market sources.

Print Friendly, PDF & Email

Recent Reinsurance News

Getting your daily reinsurance news from Reinsurance News is a simple way to receive only the reinsurance industry news that matters, delivered directly to your email inbox.

  • Only email is mandatory, but the more you tell us about yourself the better we can serve you in future!
  • This field is for validation purposes and should be left unchanged.

By submitting the form you are giving your consent to be emailed by us.

Read previous post:
Re/insurers to cover more than half of global cat losses in 2018: Swiss Re

The re/insurance industry is expected to cover more than half of the total economic costs from natural and man-made catastrophes...