Bombay High Court Restrains Hacker Group from Leaking Data Stolen from Insurer Generali Central

SN Thyagarajan (Bar and Bench) 20 October 2025

Personal Finance

The Bombay High Court has granted urgent ad-interim relief to Generali Central Life Insurance Company Limited after it was hit by a ransomware attack, allegedly carried out by a hacker group identifying itself as “Medusa" (Generali Central Life Insurance Company Limited Vs Union of India).

Justice Arif S Doctor on October 16, directed the Union of India through the Department of Telecommunications (DoT) and other authorities to immediately block and disable all accounts, domain names, and communication channels associated with the breach.

“The gravity of the consequences that may follow if the applicant’s confidential data is made public or traded is overwhelming. The balance of convenience is clearly in favour of the applicant for the grant of ad-interim relief,” the Court said.

Generali told the Court that the insurer’s confidential and customer data had been hacked and that the unknown perpetrator had demanded $500,000 in ransom. The threat was posted on X (formerly Twitter), warning that the data would be made available “to anyone willing to pay” unless the demand was met.

A screenshot produced before the Court displayed three ransom options:

Add time 1 day – $10,000;
Delete all data – $500,000; and
Download all data – $500,000

Since the identity of the hacker was unknown, Generali impleaded the alleged attacker as John Doe. The company sought immediate injunctions restraining the entity from publishing, distributing, or selling any of its stolen confidential data.

The Court restrained the hacker group going by Medusa (defendant 3) and all persons acting on its behalf from using, copying, transmitting, or disclosing Generali’s confidential information “by any medium or on any platform whatsoever.”

It further directed the Union Department of Telecommunications and related authorities to:

Remove, delete, block, and disable any accounts, domain names, phone numbers, or email addresses linked to the stolen data;
Act within 24 hours of intimation from Generali of any further such stolen data to disable any such new content or accounts misusing its confidential information or likeness; and
File an affidavit of compliance before the Court confirming the steps taken to comply with these directives.

Generali relied on an earlier Bombay High Court order in HDFC Life Insurance Co. Ltd. v. Meta Platforms Inc., where similar reliefs were granted to restrain an unknown hacker from misusing confidential corporate information following a cyber-attack.

Courtesy: Bar & Bench

Comments