In recent months, there have been two major cyberattacks on property management firms. Personal information for building residents and employees, including Social Security numbers, dates of birth, mailing addresses, driver’s license numbers, passport numbers, and financial information may have been stolen. Even worse, the hackers were able to infiltrate the management firm’s computer system and lock it down because someone in their company clicked on a ‘phishing’ email that gave the hackers access.
For example, a board member received a phishing email they thought was from their property manager. They clicked on a fraudulent link and their computer got hacked. In this case, it affects the association. The board member had prospective shareholders’ personal information, which included an application and detailed financial information including pay stubs, bank statements, and income tax returns, which were all compromised as a result. Not only did they have to inform the prospective shareholder and monitor their credit, but they were sued as a result of the breach.
Most management firms have coverage for situations like this, but sadly most community associations do not. Not only can the management firm be breached, but the association itself can as well, leaving them with having to pay legal fees when sued by a breached individual, the cost to monitor a breached individual's credit, the cost to hire a specialist to find out how this happened, and a whole lot more. In addition, in a situation where the management firm was the one breached, that may not relieve the association of some responsibility, nor does it mean the association cannot be sued by a breached individual. It is not a matter of whether you will be breached, but when.
Cyber insurance provides relief for these unexpected events - and a reputable insurance carrier can help protect you from the unexpected.
Edward J. Mackoul is the CEO of Mackoul Risk Solutions, an insurance brokerage located in Island Park, New York. Learn more at https://mackoul.com/.