It all started with a laptop left on a train.
A valuer working for a London-based chain of estate agents had a backlog of paperwork to catch up on, so he did the obvious thing and took his laptop home with him.
The valuer was a seasoned commuter and took the same train every evening.
Only he didn’t usually have a laptop with him. That’s why, when he reached his stop, he gathered up his paper and left, completely forgetting the laptop stowed safely under his seat.
It was only when he got home he realised his mistake. He was cross and frustrated, and he knew he wouldn’t be popular with the boss. But then again it was only a laptop, insured and replaceable. What’s the worst that could happen?
Home and dry
As (bad) luck would have it, however, the person who’d been sitting opposite our guy on the train happened to be a small-time crook. He clocked the laptop, made it his own, and once he’d quickly checked out what was on it, sold it to a contact.
Now the laptop was in serious criminal hands and the situation quickly got worse.
It wasn’t helped by the fact our valuer stored his passwords in a Word document on its desktop – including the one to access the estate agency’s system remotely.
It wasn’t hard for our lucky criminal to simply type the password, enter the system and steal the client data held there. That included names and addresses, and bank account and debit card details.
Which is when the estate agent’s clients began noticing large sums suddenly disappearing from their accounts. And when the police got involved.
Understandably, this was a stressful time for the estate agent and, frankly, they needed all the help they could get. Good job they had cyber insurance to help:
- With news of the data breach spreading fast, their policy paid to set up a team of call handlers to deal with enquiries and to personally contact each of the names on the estate agent’s client list. Cost: £450 a day for ten days.
- Some damage had already been done however, and claims soon started rolling in from people angry their personal information had been exposed and misused. Their policy paid for the legal expertise it took to handle each claim, and also covered the compensation due. Cost: £9,250
- The ICO decided to investigate once the data breach was reported. Cyber insurance paid for the investigation’s associated costs, and the fine issued at the end of it. Cost: £97 for each customer record, and a fine of £9,000
As for the valuer, he kept his job. He even got a new laptop. But he was made to take a cyber security awareness course alongside the agency’s other staff – after which he never stored his passwords on his desktop again.cyber liability insuranceestate agents