Heartbleed for Mumsnet | Why Business Needs Cyber Liability Insurance

Heartbleed for Mumsnet | Why Business Needs Cyber Liability Insurance

The Heartbleed virus has wreaked havoc for online community Mumsnet.  

As the real impact of the Heartbleed cyber security bug starts to unravel, there’s never been a more explicit warning to review your website security and cyber insurance cover.


What is Heartbleed

Without going all technical on you, Heartbleed is a bug used by hackers to take advantage of a security flaw in a piece of open-source software called OpenSSL which is used for security on many popular websites ironically for data encryption.

The flaw potentially allows hackers access to the “secure” data, which could include personal information and credit card data.

While the software has now been patched, it is believed that could have been running undetected for up to two years.

What sites are impacted?

Some original estimates indicated that up to 60% of all internet servers may have been affected.  

The good news is that following more detailed investigation, Netcraft is now reporting that numbers could be a much lower 17.5 percent, nevertheless still a very significant number.

Leading websites are currently reviewing their systems and issuing statements, but regardless of the response, it is best practice to change all your current online passwords.


Parenting website Mumsnet is the first significant site to announce to its circa 1.5 million registered members that they believe cyber-thieves may have obtained passwords and credit card data before they repaired the security flaw on Saturday 12th April.

Mumsnet has emailed all members confirming the potential breach:

“We have no way of knowing which Mumsnetters were affected by this. The worst-case scenario is that the data of every Mumsnet user account was accessed.

It is possible that this information could then have been used to log in as you and give access to your posting history, your personal messages and your personal profile, although we should say that we have seen no evidence of anyone’s account being used for anything other than to flag up the security breach, thus far.”


Cyber Insurance

Cyber Liability Insurance offers protection against data breach and hacking, and a comprehensive suite of covers can be arranged to accommodate most exposures, including:

  • Third-party liabilities following a breach of privacy, confidentiality or transmission of a virus
  • Crisis Management & PR Costs – As highlighted by Mumsnet, significant news coverage can quickly emanate.  Cyber cover can provide immediate assistance in managing both the press and customers while you focus on the security resolution.
  • System and communication rectification Cover – Repairing systems and reinstating data as quickly and effectively as possible can generate high cost.  A Cyber Liability policy will enable you to restore your system as soon as possible, allow you to resume trading.
  • Intellectual Property (IP) Infringement Protection – Should you accidentally breach a third-party trademark or copyright. (For example, accidental misuse of protected images)
  • Business Interruption – Many businesses rely on their website and back-office systems to function,  as such, it’s likely that your revenues could be impacted.  Cyber Business Interruption cover will protect you against lost profits as a result of a claim.
  • Privacy Breach and Regulatory Costs – Some data breaches can incur potential investigation costs or fines from the government or regulator.  Cyber cover can extend to cover these costs and any penalties imposed.

Policies can be tailored depending on the specific requirements and size of your company.  We would suggest speaking to an Insurance Advisor to discuss which areas of cover are most suitable for your business.

Cyber Risk Management

Prevention is always better than cure and your business risk management, and disaster recovery programmes should include cyber exposures.

You Insurance broker or risk advisor can assist in arranging a specialist Cyber Risk assessment, utilising the services of a professional risk management company.  

The Government has also produced some useful guidance for businesses on their website.

Next Steps

  • Review your online processes and cyber risk exposures
  • Complete or update a Cyber Risk Assessment (including back-up data processes)
  • Review your Business Continuity or Disaster Recovery Plans
  • Speak to an Insurance Expert about Cyber Liability Insurance

FREE Business Insurance Review

Insync Insurance provides a free review of all your insurance requirements, including on and offline exposures.  You can book a review online or request a quote for Cyber Liability Cover via our website.  

Alternatively, call us on 0330 1240730 for more information.