MUMBAI: Life insurance provider Generali Central Insurance Company Limited has fallen prey to the Medusa ransomware group, a highly active malware that pressures firms into paying ransoms by threatening to publicly release sensitive data and ruin their reputations. Though the company has not received any direct communication seeking ransom, it has come across demands online seeking $500,000 to download the data, another $500,000 to delete the data, and $10,000 for delay in payment, officials from the East Cyber police station told Hindustan Times.
Generali Central Insurance Company, formerly known as Future Generali India Insurance Company, is a joint venture between the Generali Group and the Central Bank of India. The company was alerted to the alleged data theft via a post on social media platform X on September 28.
The post from @FalconFeedsio, an unidentified user, read: “Generali Central Insurance Company Limited…a leading joint venture insurer in India, has reportedly fallen victim to the MEDUSA ransomware.”
The company ran an internal check on its database after coming across the post, which revealed instances of unauthorised entry into their system. It then appointed a well-known forensic auditor to conduct a thorough audit and is awaiting the report.
Meanwhile, the company came across blog posts which stated that it would have to pay, by October 25, $500,000 to download the data, another $500,000 to delete the data, and $10,000 for delayed payment, failing which the information would be sold on the dark web..
“We suspect that the X user who posted about the Medusa ransomware attack is connected to the frauds who stole the data,” an officer familiar with the case told Hindustan Times, requesting anonymity.
The unidentified X user has been booked under sections 43 (damage to computer, computer system, etc) and 66 (sending offensive messages through communication service, etc) of the Information Technology Act, based on a complaint by Sunil Nishankar, Chief Information Security Officer, Generali Central Life Insurance.
“The company approached us well in advance, after coming to know about the data theft, to protect the interests of all parties. We are investigating the case,” the officer quoted earlier said.
An official from Generali Central Insurance Company said the company would not like to comment on the matter as it was under investigation.