CYBER and DATA - LIMITED EXCLUSION ENDORSEMENT 1A (for attachment to US General Liability and Excess Liability forms)

 

CYBER and DATA - LIMITED EXCLUSION ENDORSEMENT 1A (for attachment to US General Liability and Excess Liability forms)

 

 

 

1                Notwithstanding any provision to the contrary within this Policy or any endorsement thereto this Policy does not apply to any actual or alleged loss, damage, liability, claim, fine, penalty, cost or expense of whatsoever nature directly or indirectly caused by, contributed to by, resulting from, arising out of or in connection with any:

1.1          Cyber Act or Cyber Incident including, but not limited to, any action taken in controlling, preventing, suppressing or remediating any Cyber Act or Cyber Incident;

1.2          Data Breach; or

1.3          other loss of use, reduction in functionality, repair, replacement, restoration, reproduction, loss of, damage to, corruption of, inability to access or inability to manipulate or theft of any Electronic Data, including any amount pertaining to the value of such Electronic Data;

regardless of any other cause or event contributing concurrently or in any other sequence thereto, unless subject to the provisions of paragraph 2.

 

 

2                Paragraph 1 of this Exclusion does not apply in respect of any actual or alleged loss, damage, liability, claim, cost or expense for and/or arising out of:

2.1          any Bodily Injury (however this sub-paragraph 2.1 does not apply to mental injury, mental anguish, shock or humiliation unless resulting directly from actual bodily injury), or;

2.2          any Property Damage

resulting from or arising out of a Data Breach or Cyber Incident, unless that Cyber Incident is caused by, contributed to by, resulting from, arising out of or in connection with a Cyber Act.

Nothing contained in the foregoing shall provide any coverage for any costs incurred by an

Insured in controlling, preventing, suppressing or remediating 1.1, 1.2 or 1.3 above.

 

 

3                For the avoidance of doubt, this policy does not cover notification costs, crisis consultancy costs, credit monitoring expenses, replacement of actual credit or payment cards, forensic expenses, public relations expenses or legal advice and services arising out of or in connection with a Data Breach.

 

 

 

Definitions

 

For the purpose of this Endorsement only, the following Definitions will apply:

 

4                Computer System means any computer, hardware, software, communications system, electronic device (including, but not limited to, smart phone, laptop, tablet, wearable device), server, cloud or microcontroller including any similar system or any configuration of the aforementioned and including any associated input, output, data storage device, networking equipment or back up facility, owned or operated by the Insured or any other party.

5                Cyber Act means an unauthorised, malicious or criminal act or series of related unauthorised, malicious or criminal acts, regardless of time and place, or the threat or hoax thereof involving access to, processing of, use of or operation of any Computer System.

6                Cyber Incident means:

6.1          any error or omission or series of related errors or omissions involving access to, processing of, use of or operation of any Computer System; or

6.2          any partial or total unavailability or failure or series of related partial or total unavailability or failures to access, process, use or operate any Computer System.

7                Data Breach means:

7.1          the theft, loss, access to, acquisition of, or unauthorized or unlawful use or disclosure of any person's or organization's confidential or personal information, including patents, trade secrets, processing methods, customer lists, financial information, credit or payment card information, health information, biometric data or any other type of non- public information, involving access to, processing of, use of or operation of any Computer System; or

7.2          the violation of any statute, regulation, common-law, or any other law regulating or protecting access to collection, use or disclosure of, or failure to protect any non-public confidential or personal information in the form of Electronic Data.

8                Electronic Data means information, facts or programs stored as or on, created or used on, or transmitted to or from computer software, including systems and applications software, hard or floppy disks, CD-ROMs, tapes, drives, cells, data processing devices or any other media which are used with electronically controlled equipment.

 

 

For the purposes of this Endorsement only the definition of Property Damage is deleted and replaced with:

9                Property Damage means physical injury to tangible property including all resulting loss of use of that property. All such loss of use shall be deemed to occur at the time of the physical injury that caused it. Electronic Data is not tangible property.

 

 

 

 

LMA5474B 23 July 2021