Merck and insurers settle dispute over 2017 NotPetya cyberattack
Merck has reportedly settled a dispute with insurers over the 2017 NotPetya cyberattack and related $1.4bn claim that insurers said was excluded by policy contract language.
Terms of the settlement were not disclosed.
The dispute centered on a 2017 cyberattack using the NotPetya malware that resulted in a $1.4bn claim from Merck. The attack infected more than 40,000 computers in Merck’s global network, according to the pharmaceutical manufacturer.
Insurers responded by asserting that a hostile/warlike action exclusion clause in their coverage was “clear and unambiguous” and “plainly applies” to the NotPetya attack.
The settlement comes just as the case was moving to the New Jersey Supreme Court for review of a state appellate court ruling that Merck was entitled to roughly $700m in claims, according to Bloomberg.
Chubb and Merck did not immediately respond to a request for comment.
This article first appeared on our sister website Business Insurance. For further news from Business Insurance, please click here.