Get a Quick Quote

1300 514 965

Most Cyber Attacks Go Undetected for Months Especially Over Holiday Periods. Are You Protected? 

cyber insurance_banner 3

Cyber Incident Case Study: Strategic Implications for Large Enterprises 

A recent claim, provided by DUAL Australia, highlights the significant financial and operational risks posed by cyber incidents—even for organisations with robust systems in place.   

Incident Summary 

The insured organisation relied on a widely used online accounting platform for supplier payments and payroll. A supplier alerted the business to a missing payment, prompting an internal investigation. It was discovered that a threat actor had gained live access to both the company’s network and its accounting platform account.   

The attacker had installed a keylogger and a specialised malware (“log watcher”) on a compromised device. This malware monitored transactions between $5,000 and $50,000. When a transaction within this range was processed, the malware automatically altered the destination bank details in the accounting software, diverting funds to a fraudulent account. Notably, neither the accounting platform nor the bank detected or flagged the suspicious activity.   

Financial Impact 

Direct Loss: Approximately $30,000 in misappropriated supplier funds, covered as a cyber fraud event. 

Legal and Compliance Costs: Around $100,000 in legal expenses, including:  

  • A review of potential personal information breaches. 
  • Mandatory notification to the Office of the Australian Information Commissioner (OAIC) under the Privacy Act. 
  • Preparation for a potential liability claim against the accounting software provider (which ultimately did not proceed).   

Operational and Strategic Consequences 

The incident threatened a critical supplier relationship, with the supplier considering moving their business elsewhere—a risk that could have jeopardised ongoing operations. 

Without cyber insurance, these costs would have been borne directly by the company, potentially impacting cash flow, operational continuity, and future growth plans. In some cases, the absence of adequate cover could threaten the very survival of the business. 

Key Takeaways for Boards and Executives 

  1. Cyber incidents can result in substantial direct and indirect costs, well beyond the initial fraud loss. 
  2. Insurance plays a critical role in mitigating financial exposure and ensuring business resilience. 
  3. Boards should regularly review the adequacy of cyber insurance cover as part of their broader risk management and governance frameworks. 

Periods of reduced staffing and visibility can materially increase organisational exposure if detection and response processes are not well defined.

If this article has raised questions about your organisation’s cyber risk or readiness, we’re happy to provide clarity. Infosure works with executive teams to assess exposure, response capability and insurance coverage in a practical, confidential way.

For further information, you’re welcome to contact us on 1300 514 965 for a confidential discussion.

Get Cyber Insurance – Quick, Simple, and Hassle-Free

Request a Cyber Insurance solution in your inbox within 48 hours.

get a quick quote