A claim reported to ITIC involved payments made by a ship manager to a parts supplier. A fraudster was able to insert an email into the exchanges providing new bank details for the payment. The chandler did not receive his money. The ship manager had already made the payment to the fraudster’s bank account and he understandably didn’t want to pay again. Despite the fact that both parties were innocent, neither could get what they wanted. The issue of who is liable in these situations can be quite complicated to work out. Whose system was broken into by hackers is not as simple as whose house was burgled. In addition there are the commercial realities to consider; the ship manager may avoid paying twice for these goods, but he is unlikely to be able to secure further supplies from that source.