European cyber losses have affected organizations across Europe in recent years. 2017 was a particularly busy year as the region faced a series of cyber incidents including the Wannacry and NotPetya, and the Macron campaign hack. In 2018, the region will see the implementation of new cyber and data privacy regulations in Europe such as the EU General Data Protection Regulation (GDPR) and the EU Network and Information Security Directive. These regulations are quite timely considering the European cyber losses that have occurred in recent years. Advisen’s loss data experts pulled together 13 notable European cyber incidents to illustrate how breaches in many forms affect European companies and organizations.
A whopping $250 million business income was lost after the global NotPetya ransomware attack affected thousands of victims, including a Denmark-based shipping company. The system shutdowns left some of its shipping terminals around the world unable to operate, and took over two weeks to fix, resulting in significant interruption to its normal business operations.
Another European cyber incident was the infamous misconduct of a UK media group which executed widespread phone hacking of celebrities, political figures, competitors, and thousands of others over the course of many years. The impact of the privacy violations spanned both the UK and other countries, and led to the shutdown of profitable operations, among others. Massive losses include $280 million in class action settlement for antitrust activities and $139 million in derivative shareholder settlement.
These are two of the most notable Europe-based cyber incidents featured in this paper prepared by Advisen using loss data pulled from its loss database. This cyber loss data is housed in a structured, relational database, and is mapped to the appropriate company from our database of over 20 million insureds.