Target’s recent $19 million settlement with MasterCard underscores very significant sources of potential exposure that often follow a data breach incident. In the wake of any significant breach involving payment cards, such as the Target breach, retailers and other organizations that accept those cards are likely to face — in addition to a slew of claims from consumers and investors — claims from financial institutions seeking to recover their losses associated with issuing replacement credit and debit cards, among other losses.
Likewise, as Target’s recent settlement illustrates, organizations can expect to face claims from the payment brands, such as MasterCard, Visa and Discover, seeking substantial fines, penalties and assessments for purported PCI DSS noncompliance.
These potential sources of liability can eclipse other sources of liability.
Organizations should be aware that these significant potential sources of data breach and payment brand liability may be covered by insurance, including, but certainly not limited to, commercial general liability insurance, which most companies have in place, in addition to specialty cybersecurity/data privacy insurance and other types of insurance.
Here we provide 5 steps for securing coverage for data breach and PCI DSS-related liability.
To read the full alert, click here.