Funds were lost under the policy when they were transferred to the fraudulent interloper, despite the fact that they were owed to a third party.
The policy's definition of computer fraud includes funds transferred as a result of fraudulent emails; the scope is not limited to losses incurred by hacking.
Loss was sufficiently proximate to the computer fraud, as each review step before the transfer of funds was prompted by the initial fraudulent email.
As the exclusions only preclude payment for losses caused by entry of data into the computer system, the employees entry of the details of the fraudulent money transfer were the entry of instructions to the machine, which are definitionally excluded under the the policy.
http://www.opn.ca6.uscourts.gov/opinions.pdf/18a0138p-06.pdf
Since 2011. An occasional commonplacing of the U.S. Circuit Courts of Appeal.
Neither an authoritative statement of the law nor legal advice. Quick work.