Berkley Insurance Co. has filed suit in federal court to recover more than $1mn lost in a cyber-theft scheme that exploited a compromised email account.
The insurer is suing Alliance Systems Integrators Inc., alleging the company failed to meet its contractual duty to notify client PPL Corp. of the breach.
According to the complaint in the U.S. District Court for Eastern Pennsylvania, Alliance was required under its contract to inform PPL within 24 hours of any security incident.
Instead, Berkley says Alliance remained silent after a manager’s email account was hijacked. On July 24, 2023, a threat actor used the account to instruct PPL to redirect payments to a fraudulent bank account.
In August, PPL executed three wire transfers totaling $1,005,373 to the bogus account. The fraud went unnoticed until Alliance later followed up on the unpaid invoices.
Berkley covered the loss under PPL’s commercial crime policy and is now pursuing recovery as PPL’s subrogee and assignee.
The lawsuit accuses Alliance of failing to exercise reasonable care by not securing its email system, not disclosing the compromise in time, and not alerting PPL when payments went missing. Berkley is seeking reimbursement of the stolen funds, along with attorneys’ fees, costs, and interest.
Additional Details in the Case
The dispute centers on Alliance’s contractual duty to notify PPL within 24 hours of any known or suspected compromise of its systems. In July 2023, an Alliance manager’s email account was hijacked and used to send fraudulent payment instructions.
PPL’s accounts payable team, believing the email was legitimate, redirected invoice payments to a third-party account. Three wire transfers were executed in August, totaling a little more than $1 mn, before the fraud was uncovered.
Berkley had covered the loss under PPL’s commercial crime policy and, as subrogee and assignee, now argues that Alliance failed to exercise reasonable care.
The complaint highlights Alliance’s delay in disclosing the breach, the failure to secure its email systems against compromise, and the absence of timely alerts when payments went missing. Berkley frames these lapses as breaches of both express and implied contractual obligations, as well as negligence.
The case, filed in federal court in Pennsylvania, also underscores a broader trend: insurers are increasingly turning to litigation to recover cyber-crime losses where third-party vendors are implicated.
Beyond reimbursement of the stolen funds, Berkley is seeking attorneys’ fees, costs, and interest, signaling its intent to hold service providers accountable when contractual promises around cybersecurity and incident response fall short.
