The Bombay High Court has granted urgent ad-interim relief to Generali Central Life Insurance Company Limited following a major ransomware attack in which hackers allegedly accessed the company’s confidential and customer data. The order was passed by Justice Arif S. Doctor on October 16, 2025, in a plea moved against the Union of India through the Department of Telecommunications and other respondents.
The insurer informed the Court that its confidential data had been compromised by a hacker group identifying itself as “Medusa”, which posted a ransom demand of USD 500,000 on social media, threatening to release or sell the stolen data if payment was not made. The company sought immediate protection orders to prevent any public dissemination or trading of the hacked data.
Finding the matter urgent and serious, the Court restrained the unknown entity (John Doe) from using, publishing, or sharing any of Generali’s confidential or proprietary information. It also directed the concerned authorities and intermediaries to remove, block, or disable all online accounts, domains, and content associated with the unlawful data breach and to file compliance affidavits within 24 hours of intimation by the company.
The Court noted that similar protection had previously been granted in HDFC Life Insurance Co. Ltd. v. Meta Platforms Inc. 2024 SCC OnLine Bom 3687, observing that the balance of convenience lay in favour of protecting sensitive personal and corporate data from further exposure. The matter will next be heard on November 12, 2025, for consideration of further interim reliefs and compliance.
Appearances:
Mr. Venkatesh Dhond, Sr. Adv. a/w Mr. Vishal Kanade, Ms. Aruna Roy, Mr. Devashish Godbole, Mr. Prasad Nagargoje, for the Applicant/Plaintiff.
Mr. Ashish Mehta i/b Ethos Legal Alliance, for Defendant Nos.1 and 2.