While the much-feared millennium bug of 2000 failed to materialise, the problem resurfaced in Germany ten years later, when the microchips in bank and credit cards were unable to recognise the year change to 2010. The problem affected around 25 million of 45 million new bank cards and over five million of eight million new credit cards. Some 200,000 ATMs also failed to work. Millions of cardholders were unable to use their cards to withdraw money from ATMs or make payments in shops. Who is liable for the losses the banks suffered in having to replace the cards?
Another example: In 2007 at TJX, one of the largest retailers in the USA, data on 45.7 million customers was illegally copied and sold. The company, which did not notice the loss until later, then not only had to deal with claims for damages but also had to contend with great harm to its image. The loss for TJX came to about US$ 150m.
However, cyber risks do not just involve the theft of data. There is much more to it than that – from server outages (for example from virus attacks) and unauthorised access of e-mail accounts or databases (hackers) to media risks such as copyright infringements.
