Insurance company may pay $275 million for Merck Ransomware Cyber Attack

931

Drug maker Merck which experienced a ‘NotPetya’ ransomware attack in June this year could get an insurance cover of $275 million from the insurer. The estimate forecast was provided by Verisk Analytics Inc’s Property Claims Services(PCS) unit and the actual amount may vary in reality.

Merck, on the other hand, is not interested in disclosing the exact amount offered by the insurance claim and added that the magnitude of uninsured losses is higher when compared to the claim which is being offered.


Frankly speaking, Merck was one among the dozens of firms which were hit by the ransomware attack on June 27th, 2017.

Britain’s GCHQ has held North Korea as the prime suspect in this attack which rapidly spread through corporate networks of multinationals operating across Europe, including Ukraine, US and some parts of Asia.

Merck has not yet quantified its losses on an official note. But the company’s spokeswoman, Claire Gillespie said in a statement yesterday that the insurance claim gained from the cyber insurance policy will just help cover 17% of losses. She reiterated that Merck’s total losses will not be covered by just a cyber insurance policy and was heard saying that ‘Co-payment’ doesn’t work in extreme financial crisis.

Meanwhile, Merck is striving hard in keeping the supply of its top-selling and life-saving drugs consistent. But the worlds largest pharmaceutical company warns of temporary delays in delivering some of the other products.

Note 1- NotPetya is a destructive virus software that quickly spreads across computer networks. It first encrypts the hard drives and then causes massive disruptions to industrial networks.

Note 2- Companies offering cyber insurance policies usually put the premium amount high for data breaches. However, the policy will cover issues such as expenses stemming from a data breach, such as forensics and data restoration, among other costs. It also covers losses incurred due to the business disruption when a breach or malware attack shuts down a company’s production network.