In Australia, a new method of publicising cyber-attacks has evolved. Journalists are scouring the Dark Web and BreachForums for businesses that have had sensitive information stolen or that are being held to ransom. The journalist then contacts the breached business for comment – in some cases this can be the first time the business is aware of the breach. Articles are then published in the cyber media naming the impacted business, with updates provided as the story develops. The incentive for journalists is obvious: they are able to publish breaking news content.
Cyber insurance policies provide coverage for the impact on a business’s profitability as a direct result of a cyber event. This usually includes the loss of profit the business may suffer over the next year and expenses incurred to maintain normal operations.
However, let’s take the following scenario, using an online retailer. The retailer suffers a ransomware attack, which is well managed by the incident response team provided through its cyber insurance policy. The insurer’s IT forensic experts isolate the affected system, contain the attack and eradicate the ransomware. Due to the lack of available evidence, it is difficult to determine whether any customer information has been stolen by the threat actor. Legal advice presented to the insured concludes that there is no eligible data breach to report, as it is difficult to find that the serious harm threshold was met under the Privacy Act.
Three months later, the retailer is contacted by a cyber journalist regarding claims made online by an unknown hacker that the retailer’s customer data is listed for sale on BreachForums. It is difficult to verify the accuracy of the hacker’s claims. The journalist publishes an article about the breached customer information on their news website, naming the retailer, and the news quickly spreads across various media channels. The retailer starts to get enquiries from customers about the safety of their information, and online orders quickly decline.
In this scenario, the lost revenue suffered by the retailer is a direct result of the adverse media event arising from a security breach, not a direct result of the security breach itself. This distinction may cause cyber insurance policies to respond to this scenario in varying ways.
Sync Underwriting’s Reputational Harm coverage reimburses our Insureds for profit lost as the direct result of an adverse media event arising from a security breach. Coverage is automatically included in all policies to the full Limit of Liability.