This is a notice for site visitors.

Learn More
Search
Close this search box.
CAMICO Logo
Search

This is a notice for site visitors

Learn More

The Latest

Claim Chronicles 126-B

Third-party damages: refers to damages alleged by clients or other third parties that the negligence of the CPA firm contributed in whole or in part to the third party’s cyber-related loss.

Topic: Third-Party Cyber Attack

CAMICO policyholders Michael Jones and Tom Smith of Jones & Smith Accounting Services were out of the office during the week of May 19-23. On May 20, their office received a call from a fraudster who claimed to work for Wells Fargo. Leslie Johnson, a current employee of the accounting firm, was the individual who answered the call and shared the requested information with the attacker. A day later, the scammer initiated multiple fraudulent transactions. While Jones was traveling back to the office on May 26, he received a call from Matthew Patterson, a client relationship manager with Wells Fargo. Patterson advised that a transaction for $224,528 was requested, along with a $175,000 ACH (Automated Clearing House) electronic payment. Jones explained that they were fraudulent transactions, and both were stopped and deleted. Alarmed by the fraud, Jones called the fraud department later that evening to discuss his concerns. He learned that three transactions for $153,000, $193,000, and $175,000 were moved into a fraudulent account and were deleted and reversed on May 23. Four days later, a lump sum for $525,000 was transferred out of the client’s account into a different fraudulent account, however, the funds were not reversed. Wells Fargo was able to stop three transactions, but not the largest one of $525,000. Fortunately for Jones, some of the money was recovered through Wells Fargo’s cyber carrier (after a forensic investigation was conducted).

Select the answer that is the correct response: 

1. What was the accounting firm’s breach/ key mistake?
a. Not implementing multiple security tools to detect and block cyber threats
b. Not installing robust security software and maintaining it with the latest security updates
c. Human error; lack of proper training and strict adherence to firm-wide protocols

2. Was this third-party claim covered by the policyholder’s coverage with CAMICO?
a. Yes
b. No

3. Are most third-party claims covered under a policy with CAMICO?
a. Yes
b. No

Correct Answers:

1. c. Leslie Johnson, an employee at the accounting firm, gave the attacker sensitive information without proper verification and company protocol. Firms can and should consider their people as the first line of defense against cyber threats. Human error remains a significant threat to cybersecurity, with a wide range of activities such as weak password practices, falling for phishing attacks, and the mishandling of sensitive information contributing to security breaches. Refer to The Cyber Saga Continues… Protect Your Firm from First-Party and Third-Party Cyber Exposures article in this IMPACT for risk management tips on this topic.

2. a. Yes. It was fully covered under the policyholder’s Accountants Professional Liability (APL) policy because they engaged to do a professional service and their office gave the attacker information that resulted in the fraudulent transactions, so the insuring agreement was met. CAMICO’s APL insurance is designed to cover losses by third parties that CAMICO’s policyholder is responsible for due to negligence. This claim is an example of a vishing cyber attack, or voice phishing, where fraudulent phone calls are made to trick individuals into revealing personal information or money. These scams often involve attackers impersonating trusted entities like banks, government agencies, or tech support to gain the victim’s trust and exploit them.

3. a. Yes. As long as a claim fits the insuring agreement and no exclusions apply, most third-party cyber damages that are a result of the professional services that the policyholder engaged to do are covered. How liability is assessed: Was the policyholder liable for allowing the fraudulent activity to occur? What duties did the policyholder owe? What duties did the policyholder breach? What damages were sustained and are those damages a result of the breached duties?

The “Claim Chronicles” are drawn from CAMICO claims files and illustrate some of the dangers and pitfalls in the accounting profession. All names were changed.

Share this article

Sign up to receive our monthly newsletter

Sign Up
Facebook Twitter Youtube Linkedin

1800 Gateway Drive, Suite 200, San Mateo, California 94404
800.652.1772 / 650.378.6800 / inquiry@camico.com

CAMICO Services, Inc. dba CAMICO Insurance Services, CA License #0C09618. CAMICO Mutual Insurance Company, (Rated A- (Excellent) by AM Best) San Mateo, CA, domiciled in California is licensed in all states and the District of Columbia, NAIC #36340. Copyright © 2024 CAMICO. All rights reserved. Website design by StyleSite.

Privacy Policy
Terms & Conditions
Sitemap