Every time I read one of these stories, I think back to a blog post I wrote last October about the war exclusion and cyber policies. Cyber policies with war exclusions often will not cover governments hacking your computers and stealing your data. And since that's a real risk these days (as the regular stream of stories about one government or another hacking people's data makes clear) insureds should make sure they get cyber policies that will cover that kind of risk.
Admittedly, it is not 100% clear that it was a government that did it. The evidence is circumstantial and governments rarely fess up. Nobody ever admitted to inventing Stuxnet, although it is widely believed to be a state-sponsored cyber-weapon. But for coverage purposes, the legal standard of proof will be "more-likely-than-not." And in light of the growing amounts of evidence, an insurer facing a mega-million dollar data breach might decide to hire some experts and try to prove that more-likely-than-not a foreign government stole the data so the insurer does not have to pay.