Canvas data breach: Affecting 275 million users, sounding another alarm for enterprise network risks

The international online teaching management platform Canvas was recently hacked, affecting 275 million users worldwide. In Hong Kong, data from over 70,000 students and staff from several institutions, including PolyU, Hong Kong Institute of Construction, and HKUST, was leaked. Canvas' parent company previously stated that it had reached an agreement with the hackers to return the stolen data; however, the hackers admitted that they could not guarantee the data would be permanently deleted. Some cybersecurity experts have expressed doubts about whether the attack has ended, stating that paying a ransom does not equate to the end of the threat, and that this approach is like drinking poison to quench thirst


Recent cyberattacks have been frequent. In 2025, Hong Kong police recorded 31,571 technology-related crimes, a 6.9% decrease from the previous year, but losses increased by 23.2% to HK$6.32 billion. Regarding destructive cyberattacks, 52 cases of system intrusion were recorded, a decrease of 9 cases from the previous year, but losses increased to HK$62.6 million, a 145% increase; there were also 43 ransomware cases, a decrease of 3 cases year-on-year. In the first quarter of this year, police recorded 6,504 technology-related crimes, a 15.3% decrease compared to the same period last year, with losses also decreasing to HK$1.29 billion, a 10% decrease year-on-year. Businesses' increasing reliance on and frequent use of information technology will significantly increase their risk of cybersecurity threats. Cyberattacks or security incidents can incur substantial costs and lead to severe losses for businesses

(Source: Hong Kong Police Force's Cybersecurity Report 2025)


What is cybersecurity insurance?

Cybersecurity insurance (also known as cyber insurance) is an insurance product specifically designed to protect businesses or individuals against financial losses caused by cyberattacks, data breaches, or other digital risks. It helps the insured cope with events such as hacking, ransomware attacks, or business interruptions, providing recovery funds and legal support

Core Definition

This type of insurance covers first-party losses (such as system repairs and revenue interruption) and third-party liabilities (such as customer claims and regulatory penalties). It is applicable to Hong Kong companies that rely on digital systems, especially during periods of frequent cybersecurity incidents. Unlike general property insurance, it targets purely cyber risks, such as social engineering fraud or data theft

Main coverage

Cyber ​​insurance is divided into first-party and third-party coverage. First-party coverage includes losses incurred by the company itself, such as emergency response, loss of revenue due to business interruption, data recovery, ransom demands, and public relations expenses. Third-party coverage includes liability for privacy breaches, regulatory penalties, media defamation, and customer compensation, with additional coverage for cybercrime, telecommunications fraud, and reputational damage

Insurance Type Main content Applicable Scenarios
First Party Business interruption, system repair, ransom demand Hacking paralyzes systems
Third party Privacy liability, fines, legal fees Customer data breach claims
Additional extension Cybercrime, social engineering, global safeguards Scam or supply chain disruption

Common exclusions

  • Contractual liability, intellectual property infringement, and damage to public utilities (such as power outages not directly caused by the network)

  • Pollution, fraud, government actions, or natural wear and tear (such as aging equipment)

  • Unauthorized file sharing, third-party advertising services, or deliberate sabotage by internal employees (some policy extensions are covered)

The role of accidents

In the event of a cyber incident, insurance companies provide 24/7 emergency support, crisis management, and claims processing, such as covering recovery costs, notifying customers, and providing legal defense. This helps businesses quickly resume operations and mitigate financial impacts, such as revenue losses from CrowdStrike-style software failures or ransomware attacks

Insurance Precautions

First, conduct a network risk assessment to understand the sensitivity of business data and system dependencies; insurance companies often provide free scanning services. Consider annual turnover, industry (such as medical, financial, etc., which easily leads to higher premiums), and historical incident records

Key points for choosing an insurance policy

  • The deductible and coverage limit ensure that potential losses, such as ransom, are covered

  • Global coverage and extended terms, such as social engineering or supply chain disruptions

  • 24-hour emergency response service, with priority given to repairs without out-of-pocket expenses

Post-insurance management

Maintain basic cybersecurity measures (such as updating firewalls), otherwise it may be considered negligence and result in denial of coverage; regularly review your policy to keep up with changes in threats, such as AI attack trends in 2026. Enjoy crisis expert support after purchasing the policy to accelerate recovery

If you're looking for a professional and reliable cybersecurity insurance solution, AWM offers a variety of flexible protection plans to help you operate with peace of mind. No matter what industry you're in, AWM's professional team will strive to create the most suitable protection plan for you. Want to learn more? Contact us today

Previous
Previous

New Pet-Friendly Restaurant Policy: Hidden Risks Restaurant Owners Should Be Aware Of

Next
Next

From medical malpractice to legal liability: Professional liability insurance that healthcare professionals cannot ignore