Portion of P.F. Changs’s Cyber Losses Not Covered By Chubb Policy


PHOENIX, June 1 – According to an article published last week on businessinsurance.com written by Judy Greenwald, a federal court in Arizona has held hat Chubb Ltd. does not have to reimburse P.F. Chang’s for costs related to  a 2014 data breach under its cyber policy.

Federal Insurance Co., a unit of  Chubb Ltd. unit sold a Cybersecurity policy P.F. Chang’s China Bistro Inc. parent corporation, effective Jan. 1, 2014, to Jan. 1, 2015.  The policy was sold and represented as coverage for “direct loss, legal liability, and consequential loss resulting from cyber security breaches,” according to the opinion, authored by District Judge Stephen M. McNamee.

Chang’s entered into a contract  with Bank of America Merchant Services L.L.C. to process credit card payments made by Chang’s customers.  On June 10, 2014, Chang’s learned that computer hackers had obtained and disclosed 60,000 customer credit card numbers.

Federal had already paid Chang’s more than $1.7 million for breach related costs.

Bank of America separately sought nearly $2 million in costs arising from the breach from Chang’s, which Change’s reimbursed.  Federal, however, denied Change’s request for coverage  of this third party reimbursement, after which Chang’s filed suit.

Judge McNamee agreed with Federal that policy language requiring Federal to pay Chang for losses related to privacy injuries was inapplicable to the B of A claim, holding that the bank’s records were not themselves compromised by the breach.  The judge wrote, “The court agrees with Federal; (Bank of America) did not sustain a privacy Injury itself, and therefore cannot maintain a valid claim for injury against Chang’s.  The judge granted  Chubb’s motion for summary judgment in part on that basis.

P.F. Chang’s China Bistro, Inc. v. Fed. Ins. Co., 2016 U.S. Dist. LEXIS 70749 (D. Ariz. May 26, 2016)

%d bloggers like this: