📊 Our 2025 Cyber Claims Report is out now!
Skip To Main Content
Cyber Incident? Get Help

case study

DDoS Attacks: Business Interruption Intervention

In today’s digital economy, even small companies can suffer under the siege of malicious cyber attacks — whether for extortion or entertainment. When threat actors deployed a distributed denial-of-service (DDoS) attack to disrupt a toy retailer's website traffic, Coalition helped plug the attack vector and provided business interruption coverage.

Customer paying for cosmetics over the counter

Industry

Specialty Retail

Background

  • 1-25 employees

  • Coverages for business interruption and breach response

I spoke to the insured this morning regarding the renewal and he shared how satisfied he had been with his interaction with your staff in regards to the recent DDoS incident. He found your staff to be very knowledgeable and helpful.

Case Study

When hackers try toying with business operations.

A specialty toy retailer received an email threatening continued DDoS attacks unless the retailer conceded to the attacker’s demands. The policyholder had experienced once-daily attacks which took their store offline for four to five minutes at the time they received the email, which was passed from the customer support team to the CEO. The CEO reached out to Coalition, using our standard communication channel, approaching 9 pm California time. We responded within 20 minutes, and within an hour, we were on the phone with the CEO.

After a brief explanation, the CEO looped in the company’s IT team which runs their custom e-commerce infrastructure. We started a multi-time zone call to dive in, combing through logs, reviewing DNS settings, and digging into firewall configurations. During the conversation, the company updated its security groups, proxied (protected) more traffic, and changed its server’s public IP address. After some more back-and-forth, we uncovered a firewall rule put in place long ago which allowed all traffic from the United States through, regardless of other protections.

Once this rule was removed, all was well. The attackers returned in the following days, but their throttled attempts were not disruptive, and the attack activity stuck out like the proverbial sore thumb — easy to mitigate.

Business interruption is the key coverage in play. If a security failure such as a DDoS disrupts your business, you may qualify for lost income and expenses under your insurance policy. Coalition is unique in the marketplace in that our waiting period does not act as a deductible, just a trigger for the time period that a business interruption must satisfy prior to coverage being available. Several services qualify for Coalition’s enhanced waiting period, which means less interruption (only one hour) before coverage kicks in.

Coalition provides Active Risk Assessment of an organization’s real-time cyber risk, Active Protection through continuous threat monitoring, and Active Response to incidents if they occur — providing the most comprehensive insurance available to solve cyber risk.

Ready to learn more?

Blog

Our brokers and policyholders get access to all of the intel we have on how to prevent, remedy, and recover from breaches of all kinds.

Newsroom

We’re bringing a new approach to managing digital risk, and the world has noticed. Here’s what people are saying about Coalition.

Careers

We’re a team of experts, backed by powerful partners, developing a safer world.

Allianz White
LOGO > PNG > LLOYDS light
Logo > White > The Hartford
What We Do

Active Cyber Insurance

Active Tech E&O Insurance

Active Monitoring

Active Data Graph

Incident Response

Broker Info

Key Topics

Coalition's Guide to Cyber Insurance

What is Cyber Insurance?

Cyber Insurance for small businesses

What does a Cyber Insurance policy cover?

Addressing top objections to Cyber Insurance

Client benefits of a Cyber Risk Assessment

How much Cyber Insurance is needed?

Tips for selling Cyber Insurance

Resources

Help Center

Glossary

Case Studies

Contact Us

Sitemap

Company

About

Careers

Newsroom

Blog

Legal

Complaints Procedure

Terms of Service

Privacy

Disclaimers

Logo > Coalition in white with transparent background

© 2025 Coalition, Inc.

The descriptions contained in this communication are for preliminary informational purposes only. Coalition is a trading name of Coalition Risk Solutions Ltd. which is an appointed representative of Davies MGA Services Limited, a company authorised and regulated by the Financial Conduct Authority (FCA), registration number 597301, to carry on insurance distribution activities. You may check this on the FCA register by visiting the FCA website www.fca.org.uk. Coalition Risk Solutions Ltd. is registered in England and Wales: company number 13036309. Registered office: 34-36 Lime Street, London, United Kingdom, EC3M 7AT. Copyright © 2025. See Terms of Service and Disclaimers. All rights reserved. Coalition and the Coalition logo are trademarks of Coalition, Inc.