In one of the strange decisions taken by Ohio Supreme Court over a previous judgement pronounced earlier by Ohio Second District Court, the law stated that there must be a direct physical loss or damage to a company in the event of a file encrypting malware disaster. Otherwise, the insurance provider can quash of the policy coverage as the malware infected only the software.
Going deep into the case, a medical billing software provider EMOI made an appeal when its cyber insurance coverage provider of Lansing, Owner’s Insurance Company, denied paying a loss coverage as there was no direct physical loss or damage to the media.
Though strange, the court gave a rational decision that a computer might be made with several components were tangible, but data stored on the PC had no physical presence. Thus, a ransomware attack on the software doesn’t qualify to be covered under the policy.
However, when cybersecurity insiders dug deep into the case and inquired about some sources, the court was not at fault in real.
Owners Insurance was claiming a loss coverage via a property insurance policy. And unless damage is done to the physical assets, the policy doesn’t cover the losses incurred with the disruption of the software on computing media.
Therefore, the Supreme Court overruled the decision pronounced by the district court earlier and directed the software developing company EMOI to not claim losses incurred by ransomware through a liability insurance policy and see for other alternatives to cover up losses.