Insurers’ Bill for SolarWinds Hack Estimated at Just $90 Million

Cyber insurers may have avoided major losses from the hack targeted at SolarWinds Corp. software that’s rippled throughout U.S. agencies and companies.

Security-rating company BitSight Technologies and cyber-risk modeling firm Kovrr estimate that insured losses from the attack totaled only $90 million, according to a report released Tuesday. That compares with more than $3 billion in estimated losses from the NotPetya attack in 2017, according to Verisk Analytics Inc.’s Property Claim Services.

The insurance industry may have been spared from large losses partly because many of the attack victims were federal agencies, which typically don’t buy insurance for cyber ...