Contracts mean what they say, rules court

From The Register:

A Minnesota computer store suing its crime insurance provider has had its case dismissed, with the courts saying it was a clear instance of social engineering, a crime for which the insurer was only liable to cover a fraction of total losses.

SJ Computers alleged in a November lawsuit [PDF] that Travelers Casualty and Surety Co. owed it far more than paid on a claim for nearly $600,000 in losses due to a successful business email compromise (BEC) attack.

Travelers, which filed a motion to dismiss, said SJ's policy clearly delineated between computer fraud and social engineering fraud. The motion was granted [PDF] with prejudice last Friday.

In the dismissal order, the US District Court for Minnesota found that the two policy agreements are mutually exclusive, as well as finding SJ's claim fell squarely into its social engineering fraud agreement with Travelers, which has a cap of $100,000.

This case, therefore, is less of a litmus test for the future of legal disagreements around social engineering insurance payouts, and more an examination of a close reading of contracts.

“[Travelers'] Policy clearly anticipates – and clearly addresses – precisely the situation that gave rise to SJ Computers' loss, and the Policy bends over backwards to make clear that this situation involves social-engineering fraud, not computer fraud,” Schiltz said. ®