Indiana Court of Appeals Determines That Insurer’s Insurance Quote Language Was Sufficient To Permit Insured’s Fraud Claim Seeking Coverage For Computer Hacker Loss

Richard K. Shoultz

Metal Pro Roofing, LLC, et al. v. The Cincinnati Ins. Co. 2019 WL 3756738 (Ind. Ct. App. 2019)

This case contains a number of interesting twists and turns.  An insured business learned that someone had hacked into their bank accounts and stole over $70,000.00. The insured made multiple claims for coverage under insurance policies that had been issued by Cincinnati Insurance Company.  Specifically, the insured sought coverage under a “forgery or alteration” provision that provided:

[The insurer] will pay for loss resulting directly from “forgery” or alteration of checks, drafts, promissory notes, or similar written promises, orders or directions to pay a sum certain in money that are

(1)       Made or drawn by or drawn upon you; or

(2)       Made or drawn by one acting as your agent;

or that are purported to have been so made or drawn.

The policies further defined “forgery” to be “the signing of the name of another person or organization with the intent to deceive,” but the policies did not define the term “alteration.”

The second coverage provision that the insured claimed applied was described as the “Inside the Premises” provision which stated:

[The insurer] will pay for loss of “money” and “securities” inside the “premises” or “banking premises:”

 (1)       Resulting directly from “theft” committed by a person present inside such “premises” or “banking premises;” or

 (2)       Resulting directly from disappearance or destruction.

The policies defined “premises” as “the interior of that portion of any building you occupy in conducting your business,” while “banking premises” was defined as “the interior of that portion of any building occupied by a banking institution or similar safe depository.”

Cincinnati filed a declaratory judgment lawsuit contending that no coverage was available to the insured. The insured filed a counterclaim seeking damages for breach of contract, and also asserted a bad faith claim against Cincinnati. The parties filed Cross-Motions for Summary Judgment which resulted in the Trial Court granting summary judgment to Cincinnati on the question of whether coverage was to be provided and on two of the three grounds of alleged bad faith. The Trial Court denied summary judgment to both parties on the question of whether Cincinnati had deceived the insured after denying the claim by stating that Cincinnati presented no evidence to support its entitlement to summary judgment on that issue.

The insured proceeded to amend their Counterclaim to contend that even if the computer hacking losses were not covered by Cincinnati’s policies, Cincinnati submitted an insurance quote for the policies’ acquisition that led the insured to believe that such losses would be covered if they purchased the policies.  Specifically, the insured relied upon the following language of the insurance quote:

Cincinnati can insure your money and securities while at your premises, inside your bank and even off site in the custody of a courier.  While you’ve taken precautions to protect your money and securities, you run the risk of loss from employees, robbers, burglars, computer hackers, and even physical perils such as fire.

Give yourself peace of mind with Cincinnati’s crime coverage to insure the money and securities you worked so hard to earn.

(emphasis added)

Cincinnati filed a second Motion for Summary Judgment contending that the above-referenced language was not a representation of coverage under the policy, and that any reliance upon such language was unreasonable due to a disclaimer also in the insurance quote “in fine print at the bottom of the page” which provided:

. . . This is not a policy.  For a complete statement of the coverages and exclusions, please see the policy contract.

In response, the insured designated an affidavit from its owner who asserted that he “accepted” Cincinnati’s coverage and “relied on the description” contained within the quote. Cincinnati moved to strike this affidavit by contending that the affidavit was inconsistent with the owner’s deposition testimony that he did not read the insurance policies before the loss occurred.  The Trial Court granted Cincinnati’s Motion to Strike the affidavit and eventually granted Cincinnati’s second summary judgment motion.  The Trial Court found that the insured’s Amended Counterclaim was actually a claim for fraud and the owner’s lack of reliance upon the insurance quote was fatal to the fraud claim.

On appeal, the Court of Appeals affirmed the first Summary Judgment Order finding no breach of contract by Cincinnati on whether coverage was available. Specifically, the Court found that there was no evidence that the hacker “signed” or “altered” anything to fit within the “forgery or alteration” coverage. Similarly, the Court found that there was no evidence that the hacker committed his “theft” inside the insured’s business or a bank, to fall within the requirements of the “Inside the Premises” coverage section.

However, the appellate court found that the Trial Court had erred in granting Cincinnati’s second summary judgment motion.  The Court found that the language in Cincinnati’s quote was sufficient for “a prospective insured to read that language, in that sequence, to mean ‘if you want to be covered for theft by computer hackers, you should buy this endorsement.’” The Court found that the Trial Court also erred in striking the insured’s affidavit because the Court found it was consistent with the owner’s deposition testimony.

The Court then went on to address Cincinnati’s argument that the “disclaimer language” established, as a matter of law, that the insured’s reliance upon the insurance quote that the computer hacking losses were covered under the Cincinnati policies was unreasonable.  The Appellate Court claimed that a trier of fact should decide whether the disclaimer was sufficient to rebut what the Appellate Court found was “misleading language” of the insurance quote and the suggestion that a loss from a computer hacker was covered.

This case presents a potentially dangerous situation for addressing coverage questions. Insurance companies will have to carefully scrutinize their marketing language to avoid the potential that such language could be argued as a fraudulent inducement by the insurer to entice an insured to purchase coverage that does not exist under the policy. Typically, the extent of coverage is to be found within the insurance policy itself, not to marketing language that is used to suggest potential coverage that could be available.