A fight between Merck, the pharmaceutical giant with an Upper Gwynedd location, and its insurers over a cyber-attack that happened more than two years ago could have far-reaching effects, writes Riley Griffin for The Philadelphia Inquirer.
In June 2017, Merck was hit by NotPetya, a creation of the GRU, Russia’s military intelligence agency. However, Merck was not the intended target but collateral damage in Russia’s attack on Ukraine.
The company amassed huge damages during the two weeks its systems were offline. But despite being insured, the company was denied its $1.75 billion in coverage. The reason, according to the insurers, was that Merck’s property policies specifically excluded an act of war as a class of risk.
However, Merck claims that it was not struck by an act of war but by a cyber event and is currently trying to prove that in court.
“The ‘war’ and ‘terrorism’ exclusions do not, on their face, apply to losses caused by network interruption events such as NotPetya,” wrote the company’s lawyers in a filing.
With the number of similar attacks increasing, whatever the courts decide will set a precedent for future cases.
Read more about Merck’s case in The Philadelphia Inquirer by clicking here.