Lisa A. Gardner, Ph.D., CPCU, AIC, AIDA, API,
is the Associate Director, Content and Research, at the Risk & Insurance Education Alliance.
Richard Brendan Globensky, a former Augusta National Golf Club employee, was sentenced earlier this year for stealing more than $3,000,000 worth of merchandise and memorabilia from the legendary Masters Golf Tournament (U.S. Attorney’s Office, Northern District of Illinois, 2025). Among the items stolen were three green jackets awarded to golf legends Gene Sarazen, Ben Hogan, and Arnie Palmer for their Masters tournament wins (ibid). Globensky, whom the club employed as a warehouse assistant, sold the stolen merchandise to an online broker for more than $5,000,000, pocketing the proceeds for his personal use (ibid).
Access to an online broker helped facilitate the crime by providing a convenient distribution system for stolen items. However, the crime occurred before the items were distributed by a third party over the internet, and an employee committed the crime. Augusta National Golf Club’s Masters Golf Tournament experienced a direct loss caused by an employee’s theft.
In comparison, Coinbase, a cryptocurrency exchange, experienced a social engineering loss, which was reported to the SEC earlier this year. Attackers convinced Coinbase employees to hand over customer data, which they then used for nefarious purposes—to contact users and trick them into transferring their crypto to the hackers (Coinbase, 2025). About 1% of Coinbase customers experienced a direct loss because of this attack (ibid). While total losses remain undisclosed, they may reach as high as $400 million (Macheel, 2025).
Like other social engineering attackers, Coinbase attackers relied on computer technology to execute their attacks. Employee disclosure of confidential data enabled the Coinbase attack. However, the attackers appear to be third parties, not employees. The attackers received transferred cryptocurrencies, not the employees.
Both loss events described above involve crime and the internet but in very different ways. The Masters Tournament suffered the first loss, while cryptocurrency traders sustained the second. The first concerned tangible assets, while the second addressed intangible assets. An employee thief caused the first loss, but the second involved third-party thieves. The first incorporated the internet but would not be considered a cyber-attack. In contrast, social engineering attacks are cyberattacks.
Considering these and other characteristics of the losses helps in managing these risks. Also helpful is knowing what crime coverage and endorsements might be available, what kinds of losses can be insured and under what conditions, and what exclusions might apply.
Protect Your Clients from Financial Loss—Learn Crime Coverage at Your Own Pace!
Theft, fraud, forgery—crime can strike from within or outside a business. The Risk and Insurance Education Alliance’s Crime Coverages and Endorsements course, now available in a convenient self-paced format, helps you understand the key protections your clients need. Learn the insuring agreements, policy language, and critical endorsements that help safeguard against loss—on your schedule.
For more information, see:
References
Coinbase. (2025, May 15). Protecting Our Customers – Standing Up to Extortionists. Retrieved from Coinbase
Macheel, T. (2025, May 15). Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom. Retrieved from CNBC.com
U.S. Attorney’s Office, Northern District of Illinois. (2025, March 19). Former Employee of Augusta National Golf Club Sentenced to a Year in Prison for Stealing Masters Golf Tournament Merchandise and Memorabilia. Retrieved from U.S. Department of Justice
