In The News

Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong.

The New York Times


Under a common, but rarely used clause in insurance contracts called the “war exclusion”, hundreds of companies like Mondelez, struck by the so-called NotPetya cyberstrike in 2017, are being denied claims related to digital attacks. At the heart of the issue is qualifying cyberattacks as cyberwar. For example, when Sony Entertainment experienced a cyberattack in 2014 brought on by North Korea, President Barak Obama was hesitant to label it as an act of “cybervandalism.”

In The New York Times article, “Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong,” John Carlin, chair of Morrison & Foerster’s Global Risk and Crisis Management group and co-chair of the National Security practice, is noted with saying that the “description of the Sony attack was deliberate” and that, “The Obama administration had worried, in part, that the use of “cyberwar” would have triggered the liability exclusions and fine print that Mondelez is now challenging in court.”



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.