In 2020, a major cyber attack struck a multinational retailer, disrupting operations across multiple regions and compromising critical systems.
The incident led to significant financial losses, impacting digital infrastructure, operations, and revenue streams.
Estimated Insured Losses: £100 Million+
Modern cyber incidents are no longer just IT issues — they are full-scale business interruption events. Cyber Risk Insight
This case study explores how cyber risk, business interruption, and policy interpretation intersect in large-scale retail operations.
Risk Profile & Exposure
The retailer faced multiple cyber and operational risks affecting its core business functions.
Key exposure areas included:
- Network and server compromise
- Point-of-sale system disruptions
- Supply chain and logistics interruptions
- Customer data and privacy impacts
Insurance coverage included:
- Cyber property and digital asset protection
- Business interruption (BI) coverage
- Third-party liability
- Contingent business interruption (CBI)
This modern cyber policy was designed to respond to high-value operational losses in a digitally dependent business environment.
Incident Timeline
The attack occurred in early 2020 and spread rapidly across systems managing inventory, payments, and logistics.
Operations slowed significantly, and customer services were disrupted.
Revenue losses escalated as system downtime increased.
Surveyors and adjusters had to evaluate both digital damage and operational impact simultaneously.
Damage & Loss Assessment
The damage was primarily digital but had major operational consequences.
Key losses included:
- Compromised IT infrastructure
- Operational downtime across locations
- Business interruption losses from disrupted transactions
- Supply chain delays impacting revenue
Surveyors faced challenges in quantifying intangible digital losses and assessing dependent business impacts.
Claim Investigation & Adjusting
Adjusters and cyber specialists worked together to assess the claim.
Key actions included:
- Documenting affected systems and downtime
- Calculating financial and operational losses
- Reviewing policy wording for coverage triggers
- Engaging IT and legal experts for validation
Critical considerations included distinguishing cyber incidents from operational failures and applying policy limits and deductibles correctly.
Settlement & Industry Impact
Total insured losses exceeded £100 million.
The case highlighted key industry challenges:
- Need for clear cyber policy wording
- Significant exposure from BI and contingent BI
- Importance of rapid documentation and specialist input
- Growing complexity of cyber risk in large enterprises
This event influenced how insurers structure and underwrite large-scale cyber insurance programs.
Cyber risk is now one of the most complex and financially significant exposures in modern insurance. Insurance Technology Review
Key Lessons for Surveyors & Adjusters
Document both digital and operational impacts thoroughly.
Evaluate business interruption and contingent BI exposures carefully.
Understand cyber policy triggers and exclusions.
Coordinate IT, legal, and claims teams effectively.
Prepare for potential coverage disputes and litigation.
Frequently Asked Questions (FAQs)
What was the impact of the cyber attack?
The attack disrupted operations, compromised systems, and caused major financial losses.
How much were the insured losses?
Insured losses exceeded £100 million.
What types of claims were involved?
Cyber property damage, business interruption, contingent BI, and liability claims.
Why is business interruption critical in cyber claims?
Because system downtime directly impacts revenue and operational continuity.
How did this event impact cyber insurance?
It led to stronger underwriting practices and clearer policy wording requirements.
Conclusion
This major cyber attack demonstrates how digital risks can translate into large-scale financial losses.
With £100 million+ in insured losses, it highlights the importance of business interruption coverage and cyber risk management.
As businesses become more digitally dependent, such cases will continue to shape the future of insurance and claims handling.