Canvas data breach: Affecting 275 million users, sounding another alarm for enterprise network risks
The international online teaching management platform Canvas was recently hacked, affecting 275 million users worldwide. In Hong Kong, data from over 70,000 students and staff from several institutions, including PolyU, Hong Kong Institute of Construction, and HKUST, was leaked. Canvas' parent company previously stated that it had reached an agreement with the hackers to return the stolen data; however, the hackers admitted that they could not guarantee the data would be permanently deleted. Some cybersecurity experts have expressed doubts about whether the attack has ended, stating that paying a ransom does not equate to the end of the threat, and that this approach is like drinking poison to quench thirst
Recent cyberattacks have been frequent. In 2025, Hong Kong police recorded 31,571 technology-related crimes, a 6.9% decrease from the previous year, but losses increased by 23.2% to HK$6.32 billion. Regarding destructive cyberattacks, 52 cases of system intrusion were recorded, a decrease of 9 cases from the previous year, but losses increased to HK$62.6 million, a 145% increase; there were also 43 ransomware cases, a decrease of 3 cases year-on-year. In the first quarter of this year, police recorded 6,504 technology-related crimes, a 15.3% decrease compared to the same period last year, with losses also decreasing to HK$1.29 billion, a 10% decrease year-on-year. Businesses' increasing reliance on and frequent use of information technology will significantly increase their risk of cybersecurity threats. Cyberattacks or security incidents can incur substantial costs and lead to severe losses for businesses
(Source: Hong Kong Police Force's Cybersecurity Report 2025)
What is cybersecurity insurance?
Cybersecurity insurance (also known as cyber insurance) is an insurance product specifically designed to protect businesses or individuals against financial losses caused by cyberattacks, data breaches, or other digital risks. It helps the insured cope with events such as hacking, ransomware attacks, or business interruptions, providing recovery funds and legal support
Core Definition
This type of insurance covers first-party losses (such as system repairs and revenue interruption) and third-party liabilities (such as customer claims and regulatory penalties). It is applicable to Hong Kong companies that rely on digital systems, especially during periods of frequent cybersecurity incidents. Unlike general property insurance, it targets purely cyber risks, such as social engineering fraud or data theft
Main coverage
Cyber insurance is divided into first-party and third-party coverage. First-party coverage includes losses incurred by the company itself, such as emergency response, loss of revenue due to business interruption, data recovery, ransom demands, and public relations expenses. Third-party coverage includes liability for privacy breaches, regulatory penalties, media defamation, and customer compensation, with additional coverage for cybercrime, telecommunications fraud, and reputational damage
| Insurance Type | Main content | Applicable Scenarios |
|---|---|---|
| First Party | Business interruption, system repair, ransom demand | Hacking paralyzes systems |
| Third party | Privacy liability, fines, legal fees | Customer data breach claims |
| Additional extension | Cybercrime, social engineering, global safeguards | Scam or supply chain disruption |
Common exclusions
Contractual liability, intellectual property infringement, and damage to public utilities (such as power outages not directly caused by the network)
Pollution, fraud, government actions, or natural wear and tear (such as aging equipment)
Unauthorized file sharing, third-party advertising services, or deliberate sabotage by internal employees (some policy extensions are covered)
The role of accidents
In the event of a cyber incident, insurance companies provide 24/7 emergency support, crisis management, and claims processing, such as covering recovery costs, notifying customers, and providing legal defense. This helps businesses quickly resume operations and mitigate financial impacts, such as revenue losses from CrowdStrike-style software failures or ransomware attacks
Insurance Precautions
First, conduct a network risk assessment to understand the sensitivity of business data and system dependencies; insurance companies often provide free scanning services. Consider annual turnover, industry (such as medical, financial, etc., which easily leads to higher premiums), and historical incident records
Key points for choosing an insurance policy
The deductible and coverage limit ensure that potential losses, such as ransom, are covered
Global coverage and extended terms, such as social engineering or supply chain disruptions
24-hour emergency response service, with priority given to repairs without out-of-pocket expenses
Post-insurance management
Maintain basic cybersecurity measures (such as updating firewalls), otherwise it may be considered negligence and result in denial of coverage; regularly review your policy to keep up with changes in threats, such as AI attack trends in 2026. Enjoy crisis expert support after purchasing the policy to accelerate recovery
If you're looking for a professional and reliable cybersecurity insurance solution, AWM offers a variety of flexible protection plans to help you operate with peace of mind. No matter what industry you're in, AWM's professional team will strive to create the most suitable protection plan for you. Want to learn more? Contact us today

