This article was created in partnership with Tokio Marine HCC
When it comes to personal data and security, vigilance is key - especially in a world where AI-driven crimes and cyber threats are on the rise. And for high-net-worth individuals (HNWI), the risk is even more prominent. Globally, the HNWI population is booming, with a 2.6% increase in 2024, according to Capgemini – with research from Campden highlighting that over 25% of these HNWIs, or HNW family businesses, have fallen victim to cyberattacks.
But in a world where companies and individuals are more reliant on technology than ever before, how can we police, protect and prevent these kinds of attacks? And, more importantly, how should people react and respond if they believe their personal data has come under threat?
IB sat down with Tamara Ashjian, vice president of cyber and tech claims & litigation at Tokio Marine HCC – Cyber & Professional Lines Group (CPLG), a member of the Tokio Marine HCC group of companies based in Houston, Texas. Ashjian deals with the claims of commercial businesses and personal cyber for high-net-worth individuals (HNW) every day. What she sees most often isn’t some high-tech hack or exotic malware - it’s something far simpler and far more devastating.
“The most common claims we see have to do with some sort of security or privacy breach that has compromised the insured’s personally identifiable information” added Ashjian. “But, they can also sustain a financial loss arising out of phishing attacks that result in a fraudulent funds transfer or even cryptocurrency theft.”
And these aren’t theoretical threats. As Ashjian told IB, one recent real-world example involved a crypto investor who became the victim of a convincing impersonation.
“Our insured had a cryptocurrency account with a company - we’ll call it company X,” she said. “He received a phone call from a person claiming to be from company X. This person said that they had identified a breach in their account and, to protect his Bitcoin, he needed to do a transfer into another wallet.”
What made the scam so convincing was how much the fraudster already knew. As Ashjian explained, the scammer had a lot of personal information about the insured’s account, meaning they naturally thought that the caller was from the legitimate company.
“[From there], he basically gave them any other information they needed, and proceeded with the transfer,” she said. “The threat actor advised it was going to take a day or two to see the transfer and secure their funds.”
The next day, the client logged in.
“He saw the funds for a minute or so, and then they disappeared,” she said. “He ended up losing over $30,000 in cryptocurrency. At that point he realized he’d been duped.”
Fortunately for him, the customer had personal cyber insurance in place. “There was coverage under financial fraud in his policy for cryptocurrency loss arising out of a phishing attack where the insured was induced in transferring these funds,” Ashjian explained. “After the deductible was met, the insured was reimbursed for the rest of his loss.”
And it’s a dramatic, yet all too common, scenario. So much so that 77% of HNWIs are actually more concerned about being hacked than they are about their investments declining in value, according to a recent Accenture study. These attacks are only fueling the personal lines sector, with data from McKinsey finding that personal lines P&C insurance premiums actually grew by 9.5% in 2022-23 to $1.1 trillion.
At CPLG, they understand that when disaster strikes getting the money back is only half the battle. In order to really mitigate the stress of the unfolding situation, it’s important to have a helping human hand to guide the insured through the chaos. As Ashjian told IB, they have a team of experts on hand to offer support and service.
“That’s a differentiator,” added Ashjian. “We created our cyber incident management team a couple years ago comprised of a lot of folks with technology backgrounds - some of them even came to us from forensic investigation firms. They jump on all urgent matters involving breaches and ransomware, whether it's personal or commercial lines, and try to assist insureds in every way.”
It’s not just about triage, it’s about chasing recovery wherever possible. This dedicated team works alongside government contacts and banks to try to see if funds can be frozen and clawed back for the affected insured. And, as Ashjian told IB, they have a rather impressive success rate.
“We have a pretty good percentage where we were able to recover partial or all of the lost funds, which doesn’t affect the insured’s policy limits,” she said.
Ashjian noted that this hands-on approach is particularly valuable for HNW individuals who don’t have access to corporate cybersecurity teams.
“This is especially important when working in personal lines, where you're dealing with individuals, not businesses, who may lack technical expertise and do not have access to in-house IT support,” she said. “Our team can offer a lot of services, and that is what makes us stand out.”
Phishing is the leading cause behind these types of losses. And while emails with suspicious links are well-known threats, Ashjian explained that voice calls are just as dangerous.
“It can begin with a malicious link, the insured is then tricked into clicking on it, which results in a hack. The threat actor is then inside that insured’s system, getting to know all their information.”
It’s a pattern that repeats itself, according to Ashjian. It's very common for these insureds to receive a call from someone purporting to be the bank, explaining that there’s a problem with password or an unknown device trying to access your account. These events are emotional and stressful, and they don’t just affect finances. As Ashjian told IB, clients are often deeply thankful - not just for coverage but for the support they receive during a crisis.
“A lot of these insureds are grateful to have the personal cyber coverage in place - because their commercial cyber policy will not cover a their personal losses,” she said. “An executive of a company that's covered under the commercial policy could be targeted but, if the phishing attack involves his personal account and his personal email it will not be covered under our commercial cyber policy . [As such], these individuals are grateful because [if it weren’t] for these personal cyber policies they could have losses.”
One common misstep Ashjian wants to address here is this hesitation to call the claims line immediately and try not to take matters into your own hands.
“We preach this to all our insureds, whether it's in the commercial or personal lines arena, the minute you think something is happening don't do anything,” she said. “Please call us.”
The problem is that some victims try to fix the issue themselves. “Sometimes they engage with the threat actors if they have some sort of ransom demand or message on their computer,” added Ashjian. “We've had insureds fall for it and call the hackers or run to some sort of Bitcoin machine to try to get money and pay. Don't do any of that because, a lot of times especially in the personal space, some of these tricks are just tricks. It's very common to get some sort of ransom demand message, but all the while it may not be credible.”
Ashjian’s advice is simple: get on the phone and call CPLG’s claims team. Don’t try to be the detective.
“The best way to handle these is just call us,” she said. “We investigate, and in the event we need additional expertise, we hire the right experts when needed.”
For brokers looking to bring this level of protection to their clients, she points to pre-claim services as a major value-add.
“We offer a lot of pre-claim services too, depending on which lines,” Ashjian noted. “That's where our Cyber Incident Management team gets involved. We provide pre-claim risk management services, training and tabletop exercises. You don’t necessarily need to have a claim to be able to get assistance from us.”
That ethos - support before, during, and after a claim - guides her team’s entire approach. And it’s something that really separates CPLG from the crowd.
“We like helping people - all of our insureds - but at the same time we like to prevent these types of attacks,” she said. “We try to provide necessary training and exercises to minimize these attacks and make our insureds less susceptible.”
If there’s one message Ashjian wants people to take from all of this, it’s to take cyber threats seriously - and prepare for the worst.
“Be vigilant,” she said. “Be very careful. One little mishap of clicking on a malicious link could cause so much damage; it's worthwhile to take your time. Be vigilant when you get phone calls - don't give any personal information – and get cyber insurance. It makes a huge difference.”
