The Bombay High Court has granted ad-interim relief to HDFC Life Insurance Company, a leading insurance company with over 6.6 crore customers, in a data breach case. The company received emails from an anonymous sender claiming to possess confidential customer data and threatening to leak and sell it unless negotiations were initiated. The sender demanded 1,800 Ethereum (Rs 54.50 crore) and directed HDFC Life to contact them via Telegram and WhatsApp. The Court emphasized the potential harm of the data breach, including identity theft, financial fraud, and privacy violations, and noted that the damage could not be compensated monetarily since the perpetrator’s identity was unknown. Justice Riyaz Chagla passed the order, citing HDFC Life’s prima facie case for relief. The Court directed various parties, including Meta Platforms, WhatsApp, and Telegram, to remove related content and phone numbers, disclose information identifying the sender, and submit compliance reports. The Union of India and the Ministry of Electronics and Information Technology were also directed to ensure swift action to block related accounts. The matter has been kept for hearing on December 17.
