Fraud and Extortion
- Eight banking web sites in the United States, Canada, Great Britain, and
Thailand were attacked resulting in 23,000 stolen credit card numbers. The
hackers proceeded to publish 6,500 of the cards online causing third-party
damages in excess of $3,000,000.
- A hacker stole approximately 300,000 customer credit card numbers from an
online retailer. The hacker then attempted to use the stolen information to
extort $100,000 from the company. Upon the firm's refusal to cooperate,
the hacker posted 23,000 card numbers online. As a result of the charge
denials, credit card cancellations and re-issuance, the online retailer
suffered approximately $2,000,000 in lost income and third-party damages.
- Two hackers cracked the computer systems of a major market research firm
and subsequently obtained confidential corporate records. The stolen files
included employee photographs, network passwords and personal credit card
numbers of numerous senior managers. The hackers threatened to reveal the
security breach to the company's clients unless the Board of Directors
paid them a "consulting fee" of $200,000. Upon retaining expert
cybercrime investigators, the hackers were apprehended and prosecuted. The
research firm spent approximately $1,000,000 in investigative and public
relations fees.
Denial-of-Service Attacks, Sabotage and Business Interruptions
- A hacker overwhelmed several large web sites through multiple distributed
denial of service (DDOS) attacks. The culprit hijacked various computers
throughout the world to bombard target servers with seemingly legitimate
requests for data. It is estimated that the DDOS attacks, which interrupted
the sites' ability to efficiently conduct their business, caused over
$1.2 billion in lost business income.
- A disgruntled employee of a major consulting firm downloaded malicious
code onto the networks of the firm, its clients and vendors. The code
launched confidential information into the public domain and destroyed some
critical corporate applications, resulting in more than $10,000,000 in
third-party claims.
Viruses
- In 1999, the Melissa email virus overwhelmed systems of thousands of
companies around the world. The operations of at least 60 US-based Fortune
500 companies were brought to a halt due to the inability to handle the
massive amounts of incoming and outgoing messages generated by the virus.
The virus collectively caused millions of dollars in lost business income.
- The Love Bug virus (also known as the "I Love You" virus) spread
rapidly through corporate email systems, infecting networks of hundreds of
companies around the world. This attack was followed a few days later by as
many as 11 copycat versions of the virus. It is estimated that the series of
attacks collectively cost billions of dollars in lost business income and
extra programming time.
Personal Injury/Privacy
- One of the nation's largest health insurers inadvertently sent email
messages to 19 members containing confidential medical and personal
information of 858 other members. Although the company immediately took
steps to correct the problem, the company is now exposed to lawsuits
alleging invasion of privacy.
- A utility admitted to a massive security breach that left debit card
details of thousands of customers open to public scrutiny. A customer
discovered the security hole when he went to pay his bill online - he
discovered three files on the web server, containing the names, addresses
and card details of more than 5,000 home and business users, including his
own.
- An e-tailer brought suit against a web designer for damages the e-tailer
sustained as the result of the unauthorized access of its private data files
by a "hacker". The suit alleges that the web designer negligently
designed the e-tailer's web site by not providing adequate safeguards
to prevent this type of intrusion.
Privacy Violations--Unauthorized Access to Customer Information
- A bank employee obtained unauthorized access to the computer system in
order to search for potential clients for a friend in the real estate
business. The employee provided confidential information regarding consumers
to the friend. The scheme was discovered after the confidential information
was leaked to another party and subsequently used as a part of an identity
theft scheme.
- netAdvantage can protect you from suits that may arise from unintentional
breaches of your privacy policy arising from a security breach. netAdvantage
can also protect you from suits filed against you by consumers seeking
damages due to identity thefts, should the consumers' information be
released due to a failure of security of your computer system.
Intellectual Property Infringement
- An online service allowed a famous author to advertise a book in one of
its forums. The online service was sued for copyright infringement by an
artist who claimed that the author used certain artwork on the cover of his
book without getting the artist's permission.
- An online news service created a web site inclusive of hyperlinks to
alternate sites that were maintained by traditional print and broadcast
media companies. When users clicked the links, they were linked to a framed
copy of the site, rather than the site itself. The traditional media firms
sued the host site for copyright and trademark infringement on the basis
that the firm was a "parasitic…site that republished the news and
editorial content in order to attract both advertisers and users."
- An online insurance brokerage created a hyperlink that seemingly
transferred its clients to additional pages on the site. It was later
discovered that the brokerage "deep-linked" its users to the web
pages of various insurance companies creating a seamless navigational
experience. The insurance companies sued the online brokerage for copyright
and trademark infringement.
- In an effort to drive additional users to its site, an online retailer
registered meta tags that identified its firm with the names of its
competitors. Upon discovery of the incident, competitors sued the retailer
for copyright infringement.
Negligent Security
- On June 21, 2000, hackers penetrated a US sporting apparel firm's computer
network and redirected its online traffic to a rogue anti-apparel site via
servers domiciled at an overseas web hosting facility. The traffic swamped
the overseas servers and subsequently impaired service to its real
customers. The web host is suing the apparel firm for negligence in
failing to adequately secure its Internet domain.
Online Trespass
- An online direct marketing company emailed solicitations on behalf of its
clients to all users of a commercial Internet service provider (ISP). The
ISP sued the marketing company for online trespassing. The court found that
the marketing company was liable for trespass and damage to the ISP's
reputation.
Product Scenarios
- A hacker overwhelmed several large Web sites through multiple distributed
denial of service (DDOS) attacks. The culprit hijacked various computers
throughout the world to bombard targeted servers with seemingly legitimate
requests for data. It is estimated that the DDOS attacks, which interrupted
the sites' ability to efficiently conduct their business, caused over
$1.2 billion in third-party liability claims and lost business income.
- A disgruntled employee of a major consulting firm downloaded malicious
code onto the networks of the firm, its clients and vendors. The code
launched confidential information into the public domain and destroyed some
critical corporate applications, resulting in more than $10,000,000 in
third-party claims.
- An online news service created its web site by framing the content of
other media companies within their site. By doing so, the service created
the illusion that the content was all their own.
The other media firms sued the site for copyright and trademark infringement
on the basis that the firm was a "parasitic…site that republished the
news and editorial content in order to attract both advertisers and
users."
- An e-tailer brought suit against a Web designer for damages the e-tailer
sustained as the result of the unauthorized access of its private data files
by a "hacker". The suit alleges that the Web designer negligently
designed the e-tailer's Web site by not providing adequate safeguards
to prevent this type of intrusion.
- A hacker stole approximately 300,000 customer credit card numbers from an
online retailer. The hacker then attempted to use the stolen information to
extort $100,000 from the company. Upon the firm's refusal to cooperate,
the hacker posted 23,000 card numbers online. As a result of credit card
cancellations and re-issuance, the online retailer suffered approximately
$2,000,000 in lost income and third-party damages.
Unauthorized Access
- An employee of a major financial institution obtains account information
and credit card account numbers for 68 accounts from the bank's
computer systems without authorization or in excess of her authorization.
The information is used in a scheme to defraud the bank, and results in the
fraudulent acquisition of goods valued at approximately $100,000.
- netAdvantage can protect financial institutions from suits filed by
consumers seeking damages due to identity thefts, should the consumers'
information be released due to a failure of security of the
institution's computer system. netAdvantage can also
protect a financial institution from suits that arise from merchants
seeking legal damages due to fraud losses arising from a breach of the
institution's security system.
Hacking/Breach of Network Security and Extortion
- Russian hackers gain unauthorized access to the computer systems of
various financial institutions and others. Using this unauthorized access,
the hackers obtain account information for over 56,000 credit cards as well
as personal financial information of consumers. The hackers used the
information to defraud Internet payment services as well as to
control/manipulate Internet auctions. In addition, the hackers attempted to
extort money from the victims with threats of exposing information publicly,
or damaging the victims' computer systems.
- netAdvantage can protect a financial institution from the following
losses, if resulting from a failure of security of the insured institution's
computer system:
1. for legal liability to merchants and service providers
2. for the cost to restore/recreate data, and the loss of Internet revenue
3. direct loss or costs resulting from cyber-extortion.