/images/ppid_59c68470-image-176094754322372227.webp)
What is the story about?
The Bombay High Court has granted urgent ad‑interim relief to Generali Central Life Insurance Company following a ransomware attack allegedly carried out by a hacker group identifying itself as “Medusa,” according to Bar & Bench.
Justice Arif S Doctor, on October 16, directed the Union of India, through the Department of Telecommunications (DoT) and other authorities, to immediately block and disable all accounts, domain names, and communication channels linked to the data breach.
“The gravity of the consequences that may follow if the applicant’s confidential data is made public or traded is overwhelming. The balance of convenience is clearly in favour of the applicant for the grant of ad-interim relief,” the court was quoted as in the report.
Generali informed the court that the hacker had demanded a ransom of $500,000 and threatened to make the stolen data available to anyone willing to pay, a warning reportedly posted on X (formerly Twitter).
A screenshot produced in court showed three ransom options: adding one day for $10,000, deleting all data for $500,000, or downloading all data for $500,000.
Since the identity of the hacker was unknown, Generali impleaded the alleged attacker as John Doe. The insurer sought immediate injunctions restraining the entity from publishing, distributing, or selling any of its stolen confidential data.
The court specifically restrained the Medusa group and all persons acting on its behalf from using, copying, transmitting, or disclosing Generali’s confidential information “by any medium or on any platform whatsoever.”
Further, the court directed the DoT and related authorities to:
The insurer was represented by Senior Advocate Venkatesh Dhond along with Advocates Vishal Kanade, Aruna Roy, Devashish Godbole, and Prasad Nagargoje, the report said.
Justice Arif S Doctor, on October 16, directed the Union of India, through the Department of Telecommunications (DoT) and other authorities, to immediately block and disable all accounts, domain names, and communication channels linked to the data breach.
“The gravity of the consequences that may follow if the applicant’s confidential data is made public or traded is overwhelming. The balance of convenience is clearly in favour of the applicant for the grant of ad-interim relief,” the court was quoted as in the report.
Generali informed the court that the hacker had demanded a ransom of $500,000 and threatened to make the stolen data available to anyone willing to pay, a warning reportedly posted on X (formerly Twitter).
A screenshot produced in court showed three ransom options: adding one day for $10,000, deleting all data for $500,000, or downloading all data for $500,000.
Since the identity of the hacker was unknown, Generali impleaded the alleged attacker as John Doe. The insurer sought immediate injunctions restraining the entity from publishing, distributing, or selling any of its stolen confidential data.
The court specifically restrained the Medusa group and all persons acting on its behalf from using, copying, transmitting, or disclosing Generali’s confidential information “by any medium or on any platform whatsoever.”
Further, the court directed the DoT and related authorities to:
- Remove, block, or disable any accounts, domain names, phone numbers, or email addresses linked to the stolen data;
- Act within 24 hours of intimation from Generali about any new data misuse to disable such content or accounts; and
- File an affidavit confirming compliance with these directives.
The insurer was represented by Senior Advocate Venkatesh Dhond along with Advocates Vishal Kanade, Aruna Roy, Devashish Godbole, and Prasad Nagargoje, the report said.
Do you find this article useful?
/images/ppid_a911dc6a-image-176080843178067686.webp)
/images/ppid_a911dc6a-image-176084485896567373.webp)
/images/ppid_a911dc6a-image-176078506109772600.webp)
