Fraud and Cyber Defense Coverage

This endorsement changes the policy. Please read it carefully.

The following additional coverage is added to Section II of the High Value Homeowners Policy.
Terms that appear in bold but are not defined in this endorsement have the definitions assigned
to them in the policy to which this endorsement attaches.

SCHEDULE
Coverage under this endorsement is subject to the limits and deductible indicated below.
Fraud and Cyber Defense Annual Aggregate Limit
$
(Applies per policy period to all coverages under this endorsement)
Cyber Attack Occurrence Sublimit
(Applies per occurrence to the Cyber Attack coverage under this $100,000
endorsement)
Fraud and Cyber Defense Occurrence Deductible
$
(Applies per occurrence to all coverages under this endorsement)

SECTION I - DEFINITION

Solely with respect to coverage provided by this endorsement, the definition of insured is
replaced with the following:

Insured
Insured means you or a family member.

The following definitions are added:

1. Active Cyber Security Monitoring Service

Active cyber security monitoring service means an electronic security and privacy
protection service that includes the continuous monitoring of data exchange on all of the
insured’s smart phones, tablets and computers, including both algorithmic and active
monitoring and oversight by cyber experts, in order to identify and block cyber attacks,
cyber extortion events and data breaches, including any service agreed to in advance by
us.

2. Computing Device
Computing device means a desktop, laptop or tablet computer or wi-fi router or other
internet access point. Such device must be owned or leased by you and operated under your
control.

3. Connected Home Device

Connected home device means any electronic device, other than a computing device,
that connects to the internet or to other electronic devices. This includes, but is not limited
to, networked versions of any of the following:
a. Smart phones;
b. Thermostats;
PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 1 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 2

c. Entertainment systems;
d. Appliances;
e. Smoke, fire and home security monitoring systems; or
f. Cameras.
Such device must be owned or leased by you and operated under your control.

4. Cyber Attack
Cyber attack means one of the following involving a computing device or connected
home device:
a. Unauthorized Access or Use - meaning the gaining of access to your device or system
by an unauthorized person or persons or by an authorized person or persons for
unauthorized purposes.
b. Malware Attack – meaning damage to your device, system or data arising from malicious
code, including viruses, worms, Trojans, spyware and keyloggers. This does not mean
damage from shortcomings or mistakes in legitimate electronic code or damage from
code installed on your computer system during the manufacturing process.

5. Cyber Extortion Event

Cyber extortion event means one of the following involving a computing device or
connected home device:
a. A demand for money or other consideration based on a credible threat to damage,
disable, deny access to or disseminate content from your device, system or data; or
b. A demand for money or other consideration based on an offer to restore access or
functionality in connection with an attack on your device, system or data.

6. Cyber Extortion Payments

Cyber extortion payments means any payment as directed by the extortion threat, but
only when that payment is:
a. Incurred as a direct result of a cyber extortion event directed against you or another
insured; and
b. Approved in advance by us. However, at our reasonable discretion, we may pay for
cyber extortion payments that were not approved in advance by us if we determine
the following:
(1) It was not practical for you to obtain our prior approval; and
(2) If consulted at the time, we would have approved the payment.

7. Cyber or Other Fraud Event

a. Cyber or other fraud event means any of the following, when such event results in
direct financial loss to an insured:
(1) An identity fraud;
(2) The unauthorized use of a card, card number or account number associated with a
bank account, credit account, brokerage account, investment account or other
financial institution account issued to or registered in an insured's name, when, in
the case of a credit account, the insured is legally liable for such use or, in the case
of a non-credit account, not entitled to reimbursement from the financial institution;
PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 2 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 3

(3) The forgery or alteration of any check or negotiable instrument;

(4) Acceptance in good faith of counterfeit currency; or
(5) An intentional and criminal deception of an insured or an authorized representative
of an insured to induce the insured or the insured’s authorized representative to
part voluntarily with something of value.
b. Cyber or other fraud event does not mean or include any occurrence:
(1) In which the insured is threatened or coerced to part with something of value;
(2) Between an insured and any of the following:
(a) Any other insured;
(b) The insured’s current or former spouse, common law spouse or domestic
partner; or
(c) The insured’s grandparent, parent, sibling, child or grandchild.
(3) Involving use of a card, card number or account number associated with a bank
account, credit account, brokerage account, investment account or other financial
institution account:
(a) By a person who has ever received any authorization from an insured to use
such card, card number or account number, unless such authorization was
obtained through a criminal deception of the insured or a criminal deception
of the person authorized by the insured; or
(b) If an insured has not complied with all terms and conditions under which such
card, card number or account number was issued.
(4) Arising from any of the following:
(a) The business or professional service of an insured.
(b) A dispute or a disagreement over the completeness, authenticity or value of a
product, a service or a financial instrument.
(c) A gift or charitable contribution to an individual or any legitimate organization.
(d) An online auction or the use of an online auction site.
(e) A lottery, gambling or a game of chance.
(f) An advance fee fraud or other fraud in which an insured provides money based
on an expectation of receiving at some future time a larger amount of money or
something with a greater value than the money provided but only when such a
scheme is reasonably recognizable as fraudulent at the time that the payment is
made by the insured.

8. Data Recovery Costs

a. Data recovery costs means the costs of a professional firm hired by you to replace
electronic data that has been lost or corrupted.
b. Data recovery costs does not mean costs to research, re-create or replace any of the
following:
(1) Software programs or operating systems that are not commercially available.
(2) Data that cannot reasonably be replaced. This includes, but is not limited to,
personal photos, movies or recordings for which no back-up is available.
(3) Data that is obsolete, unnecessary or useless to you.

9. Fraud Costs
PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 3 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 4

Fraud costs means the amount fraudulently taken from the insured. This is the direct
financial loss only. Fraud costs does not include any of the following:
a. Other expenses that arise from the cyber or other fraud event;
b. Indirect loss, such as bodily injury, lost time, lost wages, identity recovery expenses or
damaged reputation;
c. Any interest, time value or potential investment gain on the amount of financial loss; or
d. Any portion of such amount that has been or can reasonably be expected to be
reimbursed by a third party, such as a financial institution.

10. Identity Fraud

Identity fraud means the act of knowingly transferring or using, without lawful authority,
a means of identification of an insured. This must be done with the intent to commit, or
to aid or abet another to commit, an unlawful activity that constitutes a violation of federal
law or a crime under any applicable state or local law.

11. One Cyber Occurrence

One cyber occurrence means all cyber attacks, cyber extortion events, data breaches
and cyber or other fraud events that:
a. Take place at the same time; or
b. Arise during the same Policy Period from the same source, cause or vulnerability.

12. System Restoration Costs

a. System restoration costs means the costs of a professional firm hired by you to do the
following in order to restore your “computing device” or connected home device to
the level of functionality it had before the cyber attack:
(1) Replace or reinstall computer software programs;
(2) Remove any malicious code; and
(3) Configure or correct the configuration of your device or system.
b. System restoration costs does not mean any of the following:
(1) Costs to repair or replace hardware. However, at our sole discretion, we may pay to
repair or replace hardware if doing so reduces the amount of loss payable under this
endorsement.
(2) Costs to increase the speed, capacity or utility of your device or system.
(3) Your time or labor.
(4) Any costs in excess of the replacement value of your system, including applicable
hardware and software.

SECTION II – PROPERTY COVERAGE

C. Additional Coverages is amended by adding the following:

Fraud and Cyber Defense Coverage

COVERAGE AGREEMENT
We will provide the insurance described in this endorsement in compliance with all applicable
provisions (including but not limited to all conditions, definitions and exclusions) of your High
PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 4 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 5

Value Homeowners Policy. Coverage provided under this endorsement does not increase any
coverage limit under your High Value Homeowners Policy.

SECTION 1 – CYBER ATTACK

SECTION 1 – COVERAGE REQUIREMENTS

This Cyber Attack coverage applies only if all of the following conditions are met:
1. There has been a cyber attack; and
2. Such cyber attack is first discovered by you during the policy period for which this
endorsement is applicable; and
3. Such cyber attack is reported to us as soon as practicable, but in no event more than 60
days after the date it is first discovered by you.

SECTION 1 – COVERAGES PROVIDED

If all of the conditions listed above in SECTION 1 – COVERAGE REQUIREMENTS
have been met, then we will provide you the following coverages for loss directly arising from
such cyber attack.
1. Data Recovery
We will pay your necessary and reasonable data recovery costs.
2. System Restoration
We will pay your necessary and reasonable system restoration costs.

SECTION 2 – CYBER EXTORTION

SECTION 2 – COVERAGE REQUIREMENTS

This Cyber Extortion coverage applies only if all of the following conditions are met:
1. There has been a cyber extortion event against you or another insured; and
2. Such cyber extortion event is first discovered by you during the policy period for which
this endorsement is applicable; and
3. Such cyber extortion event is reported to us as soon as practicable, but in no event more
than 60 days after the date it is first discovered by you.

SECTION 2 – COVERAGES PROVIDED

If all of the conditions listed above in SECTION 2 – COVERAGE REQUIREMENTS
have been met, then we will provide you with the following:
1. Professional assistance from a subject matter expert provided by us for advice and
consultation regarding how best to respond to the threat.
2. Reimbursement of your necessary and reasonable cyber extortion payments.

SECTION 3 – FRAUD

SECTION 3 – COVERAGE REQUIREMENTS

This Fraud coverage applies only if all of the following conditions are met:
1. There has been a cyber or other fraud event against you or another insured; and
PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 5 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 6

2. Such cyber or other fraud event is first discovered by you during the policy period for
which this endorsement is applicable; and
3. Such cyber or other fraud event is reported to us as soon as practicable, but in no event
more than 60 days after the date it is first discovered by you; and
4. Such cyber or other fraud event is reported in writing by you or another insured to the
police.

SECTION 3 – COVERAGES PROVIDED

If all of the conditions listed above in SECTION 3 – COVERAGE REQUIREMENTS
have been met, then we will pay your necessary and reasonable fraud costs.

EXCLUSIONS

The following additional exclusions apply to all coverages under this endorsement.

We will not pay for loss, damage or expense caused by or resulting from:

1. Any fraudulent act or intentional violation of the law by you or any insured.
2. Any criminal investigations or proceedings.
3. Any physical damage.
4. Any damage to a motor vehicle, watercraft, aircraft, or other vehicle.
5. Any third party liability or legal defense costs.
6. Any fines or penalties.
7. Loss to the internet, an internet service provider, or any device or system that is not owned
or leased by you and operated under your control.
8. Loss arising from any business or incidental business.
9. Except as specifically provided under the System Restoration portion of Cyber Attack
coverage, costs to research or correct any deficiency.
10. Any cyber attack, cyber extortion event, or cyber or other fraud event first discovered
by you prior to the inception of your coverage under this endorsement.
11. Any cyber attack, cyber extortion event, or cyber or other fraud event first occurring
more than 60 days prior to the inception of your coverage under this endorsement.

LIMITS

The Fraud and Cyber Defense Annual Aggregate Limit shown in the Schedule for this
endorsement is the most we will pay under this endorsement for all loss, damage or expense
arising during any one policy year. However, if the Fraud and Cyber Defense Annual Aggregate
Limit shown in the Schedule is $1,000,000, this limit will be reduced to $250,000 if you let your
active cyber security monitoring service lapse and that lapse reasonably contributed to a loss.
This limit shall apply to the total of all loss, damage or expense arising from all cyber attacks,
cyber extortion events, or cyber or other fraud events occurring during such policy year.
Our costs under Section 2 – Cyber Extortion to provide you with professional assistance from
a subject matter expert shall not count towards the loss, damage or expense included within
your coverage limit.
PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 6 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 7

If one cyber occurrence causes loss, damage or expense in more than one policy year, all such
loss, damage and expense will be subject to the Fraud and Cyber Defense Annual Aggregate
Limit of the first such policy year.

The most we will pay under Cyber Attack Coverage for data recovery costs and system restoration
costs arising from any one cyber attack is the sublimit shown in the Schedule. This sublimit is part of,
and not in addition to, the Fraud and Cyber Defense Annual Aggregate Limit.

DEDUCTIBLES

We will not pay for loss, damage or expense arising from any one cyber occurrence until the
amount of the covered loss, damage or expense exceeds the Fraud and Cyber Defense
Occurrence Deductible amount indicated in the Schedule for this endorsement. We will then
pay the amount of loss, damage or expense in excess of the applicable deductible amount,
subject to the Fraud and Cyber Defense Annual Aggregate Limit.

CONDITIONS

The following additional conditions apply to all coverages under this endorsement.

1. Confidentiality
As respects Section 2 – Cyber Extortion, insureds must make every reasonable effort not
to divulge the existence of this coverage.

2. Due Diligence
You agree to use due diligence to prevent and mitigate costs covered under this
endorsement. This includes, but is not limited to, complying with reasonable and widely-
practiced steps for:
a. Providing and maintaining appropriate system and data security; and
b. Maintaining and updating at appropriate intervals backups of electronic data.

3. Legal Advice
We are not your legal advisor. Our determination of what is or is not insured under this
endorsement does not represent advice or counsel from us about what you should or should
not do.

4. Other Coverage in This Policy

Some elements of coverage under this endorsement may also be covered under the High
Value Homeowners Policy to which this endorsement is attached. If so, the coverage under
the High Value Homeowners Policy will apply as excess or additional coverage. In addition,
if loss payment has been made under this endorsement for any one cyber occurrence that
is also covered under the High Value Homeowners Policy, we will pay under the High Value

PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 7 of 8
Company with its permission.
 Fraud and Cyber Defense Coverage
Page 8

Homeowners Policy the Fraud and Cyber Defense Occurrence Deductible amount
indicated in the Schedule for this endorsement.

5. Services
a. We will only pay under this endorsement for services that are provided by service
providers approved by us. You must obtain our prior approval for any service provider
whose expenses you want covered under this endorsement. We will not unreasonably
withhold such approval.
b. You will have a direct relationship with the professional service firms paid for in whole
or in part under this endorsement. Those firms work for you.
c. As respects any services provided by any service firm paid for in whole or in part under
this endorsement:
(1) The effectiveness of such services depends on your cooperation and assistance.
(2) We do not warrant or guarantee that services will be available or applicable to all
individuals.
(3) We do not warrant or guarantee that the services will end or eliminate all problems
associated with the covered events.

This endorsement is issued as part of Policy [XXXXXXX]. Except as it expressly states, it does
not (i) modify any of the terms and provisions of the policy, (ii) modify any prior endorsements,
(iii) extend the Policy Expiration Date, or (iv) increase the Amount of Insurance. To the extent
a provision of the policy or a previous endorsement is inconsistent with an express provision
of this endorsement, this endorsement controls. Otherwise, this endorsement is subject to all
of the terms and provisions of the policy and of any prior endorsements.

PHVH-END-GEN-029 (06/2017) Includes copyrighted material of the Hartford Steam Boiler Inspection and Insurance Page 8 of 8
Company with its permission.