Cyber Claims Surge in Severity as AI and Litigation Accelerate Losses
Monday, March 30th, 2026 Fraud Litigation Risk Management TechnologyThe 2026 Cyber Claims Report from Chubb shows a clear shift in how cyber losses develop and escalate. While claim frequency has stabilized in some markets due to improved detection and resilience, severity continues to climb, particularly in the United States where average breach costs exceeded $10 million. This divergence matters for adjusters because it signals fewer but far more complex and expensive claims, often involving multiple coverage triggers including business interruption, privacy liability, and regulatory response.
A major driver is the acceleration of incidents through artificial intelligence. The report highlights how attackers are now using autonomous tools that can compromise systems within minutes, eliminating the window for manual intervention. For claims teams, this compresses timelines for response and increases the likelihood of widespread damage before mitigation begins. At the same time, AI-related incidents are not limited to malicious use. Simple employee errors, such as uploading sensitive data into public AI tools, are creating new claim scenarios that blur traditional definitions of cyber events.
Litigation is now central to nearly every cyber claim. The report describes a ‘litigation-first’ environment where lawsuits can follow within days of a breach, often regardless of fault or control gaps. This trend significantly impacts claim severity, with defense costs, mass arbitration fees, and privacy-related damages driving losses. A case example shows potential exposure exceeding $40 million from arbitration demands tied to website tracking technologies, ultimately settling for $6.5 million. Adjusters must be prepared to manage early legal engagement, coordinate counsel, and evaluate coverage for emerging liability theories such as digital tracking and wiretapping statutes.
Ransomware and data breach claims continue to generate high costs, especially for small and mid-sized businesses. One incident involving 4 million affected individuals resulted in $4.7 million in reimbursed costs, with notification and credit monitoring expenses forming a large portion of the loss. These claims highlight the operational complexity adjusters face, including forensic investigations, regulatory notifications, and coordination across multiple vendors.
The report also underscores the growing impact of systemic risk and supply chain dependencies. Events like the Jaguar Land Rover cyber incident demonstrate how a single breach can trigger widespread business interruption, litigation, and economic ripple effects across thousands of entities. For adjusters, this increases the likelihood of contingent business interruption claims and requires careful analysis of policy language related to third-party providers.
Fraud remains a persistent issue, particularly social engineering losses. Even relatively simple schemes, such as fraudulent payment instructions, can result in six-figure losses with little chance of recovery. These claims emphasize the importance of coverage clarity around cybercrime endorsements and verification procedures.
Overall, the data signals a more complex claims environment defined by faster incidents, earlier litigation, and higher financial stakes. Adjusters must adapt by engaging earlier in the claim lifecycle, coordinating legal and technical experts, and understanding how AI, privacy regulation, and supply chain exposure influence both coverage and severity.
