Merck settles on claim for NotPetya attack havoc.

January 9, 2024
1 min read

Key Points:

  • Merck and its insurers have reached a settlement for a $1.4 billion insurance claim filed by the pharmaceutical company after the NotPetya cyberattack in 2017.
  • Merck did not have cyber insurance during the attack, but the damage was later found to be excluded under the war exclusion clause.

Merck and its insurers have come to a settlement agreement for a $1.4 billion insurance claim filed by the pharmaceutical giant in relation to the destructive NotPetya cyberattack that occurred in 2017. The terms of the settlement were not disclosed. This settlement comes after Merck successfully received favorable court decisions in 2022 and 2023.

During the NotPetya attack, Merck did not have cyber insurance coverage. At the time, insurers determined that the damage caused by the attack fell under the war exclusion clause in their policy, therefore not eligible for coverage. However, New Jersey Superior Court Judge Thomas Walsh later ruled that the war exclusion clause did not apply in this specific case. This decision was subsequently upheld by the New Jersey appellate when the insurers appealed the ruling.

Bloomberg Law reported that the settlement between Merck and its insurers comes just before a New Jersey Supreme Court review of the insurance dispute was scheduled to take place. This review had the potential to establish a national precedent that could impact the growing cyber insurance market.

This settlement highlights the ongoing disparities in cyber insurance coverage and the importance of carefully examining the fine print of insurance policies. Without cyber insurance coverage during the NotPetya attack, Merck was at risk of facing significant financial losses. It is crucial for organizations to understand their insurance coverage and ensure that they are adequately protected against cyber threats.

Overall, this settlement provides a resolution to Merck’s insurance claim and emphasizes the necessity for businesses to carefully consider their insurance coverage in relation to cyberattacks.


  1. SecurityWeek
  2. SiliconAngle

Latest from Blog

Top CISA official looks back on four years of cyber work

TLDR: Eric Goldstein, a top official at CISA, reflects on progress made in cybersecurity during his tenure. Key achievements include understanding cyber risks, collaboration with industry, and encouraging secure product development. Eric

Juggling AI cybersecurity highs and lows

TLDR: At the 2024 MIT Sloan CIO Symposium, industry leaders discussed the challenge of balancing AI’s benefits with its security risks, particularly focusing on generative AI. While generative AI can bring benefits

Get your free Cyber Security eBook now Valued at $169

“`html TLDR: Key Points: Claim your complimentary eBook worth $169 for free before May 22. The eBook covers practical applications of cyber security and network security for professionals, engineers, scientists, and students.