Bombay High Court
Adfactors Pr Private Limited vs Ashok Kumar Or John Doe on 31 March, 2026
Author: Milind N. Jadhav
Bench: Milind N. Jadhav
P1. SL-11528-2026.odt
Amberkar
IN THE HIGH COURT OF JUDICATURE AT BOMBAY
O.O.C.J.
INTERIM APPLICATION (L) NO. 11529 OF 2026
WITH
SUIT (L) NO. 11528 OF 2026
Adfactors PR Private Ltd Applicant /
.. Plaintiff
Versus
Ashok Kumar or John Doe & Ors. .. Defendants
....................
Ms. Ankita Singhania a/w Ms. Chitra Rentala, Ms. Kriti Srivastava,
Mr. Alabh Anant Lal, Ms. Shravanai Maddirala & Mr. Utkarsh
Mishra i/by Trilegal, Advocates for Applicant / Plaintiff
...................
CORAM : MILIND N. JADHAV, J.
DATE : MARCH 31, 2026
P. C.:
1. Not on board. Mentioned by way of filing a praecipe dated 31.03.2026 which is moved today though on a holiday in view of the grave exigency cited therein.
2. Heard Ms. Singhania, learned Advocate for the Applicant / Plaintiff in Interim Application (L) No. 11529 of 2026.
3. At the outset, Ms. Singhania would submit that there is an inadvertent typographical omission in prayer clause (d) of Interim Application. She would submit that in line No. 4 of the said prayer clause after the word "them" the word "not" be inserted in order to have the correct meaning of the relief sought for by the Plaintiff. After perusing the said prayer, Ms. Singhania appears to be right in her 1 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt submission. Hence, leave to amend and insert the word "not" at the said place is accordingly granted. Amendment is permitted to be carried out forthwith in presence of Court. Re-verification stands dispensed with. Accordingly amendment is carried out before the Court which is endorsed by the Court itself and the Advocate for Plaintiff.
4. Ms. Singhania cites exigency in view of the case made out in Interim Application and persuades the Court to pass ad-interim reliefs. Suit is filed hurriedly by the Plaintiff which is a Private Limited Company specializing in end-to-end, integrated public relations services, advising clients on capital markets and IPO communications, public issues etc.
5. She would submit that Plaintiff services clients across 25 industry sectors (approximately) and maintains operational presence across 40 cities in India (approximately) and has its offices in India, Sri Lanka and Singapore. She would submit that in the ordinary course of business Plaintiff utilizes propriety system tools, workflows and technology platforms for its work. She would submit that in this process, Plaintiff collects, receives, processes, records, organizes, stores and transmits data and information relating to its clients and their businesses, campaigns and communications strategies etc. which is prima facie confidential and propriety information, commercially 2 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt sensitive information which if accessed unauthorizedly and disseminated may lead to significant commercial, reputational and legal damage not only to the Plaintiff but its clients as well.
6. She would submit that Plaintiff maintains high decree of safeguards and integrity, inter alia, having multi-layered security such as enterprise-grade firewall, internal network security and end-pond security. She would submit that Plaintiff also adheres to recognized information security standards and holds certification such as ISO 27001:2022 along with global security best practices.
7. She would submit that Plaintiff is constrained to file the present Suit seeking permanent injunctive reliefs against Defendant Nos. 1 and 2 and / or their directors / proprietors / operators / partners / employees / agents / servants and / or affiliates and / or any person claiming through them from using, copying, publishing, distributing, transmitting, communicating and / or disclosing / selling and / or leaking to any person the internal data stolen and / or appropriated by Defendant Nos. 1 and / or 2 from the Plaintiff and any other information relating to the Plaintiff that is not available in the public domain by any medium whatsoever or on any platform whatsoever.
8. She would draw my attention to the Suit plaint and Interim Application and submit that on 29.03.2026, Plaintiff received email 3 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt from Defendant No. 2 - BlackShrantac having subject "BlackShrantac's Note : Your name will be disclosure within 24 hours on our Darkweb". She would submit that the email discloses that Defendant No. 2 downloaded Plaintiff's internal data (1 TB) before encryption and threatened to leak the said data if its demands were not made. She would submit that the threat of disclosure of data as stated in the email dated 29.03.2026 at 7:20:32 a.m. (appended at Exh. "F", page No. 80 of Suit plaint) states that the data will be disclosed after this weekend. However the subject records disclosure within 24 hours.
9. Next she would draw my attention to Exh. "G", page No. 81 which is a post posted on social media platform "X" (formerly known as Twitter) by ransomware Alert a threat reporting account which reported that Plaintiff an Indian-based Public Relations and Communications Services company, has reportedly fallen victim to Defendant No. 2 that had carried out the data exfiltration incident and the group intended to publicise the data within 1-2 days. The identity, original and address of Defendant No. 2 is reflected only through its email ID i.e. [email protected].
10. In view of the aforesaid threat perception, Plaintiff has moved this Court seeking injunctive reliefs rather ad-interim reliefs urgently at this stage and sought issuance of John Doe injunction in the aforesaid circumstances. Ms. Singhania would draw my attention to 4 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt the private complaint dated 25.03.2026 filed by Plaintiff with N.M. Joshi Marg Police Station against an unusual activity which alerted the Plaintiff's system for protecting its internal data. She would also submit that Plaintiff reported the Cyber security incident to Indian Computer Emergency Response Team through their incident reporting form, copy of which is appended at Exh. "J" (page No. 84). She would submit that despite reasonable efforts, the true identity, name, address and location of Defendant No. 2 is currently unknown to the Plaintiff and according to her instructions, Defendant No. 2 is operating through anonymized channels, encrypted communication tools and / or the dark web, deliberately concealing its identity save and except its email ID which in all probability is from foreign shores. Hence injunctive relief is sought against Defendant No. 1 John Doe / Ashok Kumar and Defendant No. 2 - BlackShrantac ransomware Group. She would draw my attention to the averments made in paragraph Nos. 26 to 28 and submit that if the ad-interim injunctive reliefs are not granted, there is every possibility of disclosure of data exfiltrated by Defendant No. 2 being misused / leaked to the detriment of the Plaintiff and its clients which may lead to multifarious litigation and cause of action for damages.
11. She would submit that if the said data threat is carried out by Defendant No. 2, Plaintiff is likely to suffer substantial financial loss 5 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt apart from reputational harm, damages, future litigation considering the present revenue as on 31.03.2025 i.e. in the last financial year of IR 567 Crore of the Plaintiff. She would submit that Defendant No. 2 was first identified in September 2025 and has since then trageted numerous victims from a varity of critical industries / sectors. Hence it is necessary that the ad-interim relief be granted by Court. She would submit that Defendant No. 2 has in its email at page No. 80 explicitly admitted to the illegal ex-filtration and encryption of 1 TB of Plaintiff's internal data and has threatened disclosure if its demands are not met.
12. She would submit that Defendant No. 2 is a malicious ransomware attacker who has illegitimately gained the date and threatened to publish the same. She would therefore submit that in these circumstances, Plaintiff has impleaded Ashok Kumar or John Doe as principal Defendant in the Suit proceedings since whereabouts of Defendant No. 2 are not known and the only identity available with the Plaintiff is through its email ID which is stated in the cause title of the Suit plaint. She wold submit that there is every likelihood that Defendant No. 2 may disseminate or sell the confidential data which will cause grave and irreparable loss to Plaintiff and its clients.
13. After hearing the submissions made by Ms. Singhania and perusing the record of the case as also the material which is appended 6 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt to the Plaint, prima facie, arguable case is made out by Ms. Singhania for grant of ad-interim relief. One of the reason which impels me to pass the order is in view of the fact that Defendant No. 2 is a ransomware Group namely the data extortion cadre which has claimed similar responsibility for Cyber attack and targeting the data in the past using the same modus operandi by primarily threatening public release of stolen public information. In the email received by Plaintiff which is appended at page No. 80, threat perception from Defendant No. 2 is prima facie evident as it states that the data will be disclosed and Plaintiff would be aware about the consequences. The contact email address of Defendant No. 2 is separately given as [email protected]. Hence balance of convenience squarely lies in Plaintiff's favour in as much as, if the confidential data is made public or leaked or traded or compromised, it will lead to disastrous and catastrophic consequences.
14. It is pertinent to note that "Data theft" is a misnomer as it is no theft under law. Instead, the valid term is "Data Crime / Criminals".
"Data theft" is covered under Section 2(o) of the Copyright Act, 1957, provisions of the Information Technology Act, 2000 and provisions of Indian Penal Code, 1860. In the case of foreign defender which prima facie may be so in the present case, Section 75 of the Information Technology Act, 2000 implies that the Act shall apply to an offence or 7 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt contravention committed outside India by any person if the act or conduct constituting the offence involves a computer, computer system or computer network located in India. Further Sections 3 and 4 of the Indian Penal Code, 1860 deals with extra-jurisdictional power given to Indian Courts to deal with the same.
15. It is seen that Plaintiff is one of the victims in the list of Defendant No. 2 and considering the threat given and activities of Defendant No. 2 targeting organizations across various sectors and geographies, Advocate for Plaintiff would submit that Plaintiff being custodian of confidential data of its clients in fiduciary capacity be granted ad-interim reliefs as prayed for. Further if threat perception of disclosure is exercised and implemented, it would amount to infringement of fundamental right to privacy covered under the expanded definition of Article 21 "Right to Life" under the Constitution of India.
16. Attention is drawn to the provisions of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 which provides protection to personal information and submits that these Rules provide the only codified provisions protecting the privacy of individual and their personal information. Plaintiff is custodian of such personal data of its clients and if the same is disclosed, leaked or 8 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt disseminated, it would cause humongous prejudice not only to the Plaintiff as the custodian of the data but also to individual clients managed by Plaintiff. That apart prima facie clear threat perception of disclosure within 24 hours on Darkweb emanates from the contents of the email dated 29.03.2026 at page No. 80 and proceeds on extraneous claim of extortion and secretive dealings.
17. Since the Suit is filed in a hurry, leave and liberty be given to implead the platform "X" as Defendant No. 4 on which the second threat perception has been posted which is appended at page No. 81 of the Suit. Impleadment of "X" Platform on whose platform the second threat dated 30.03.2026 (appended at page No. 81 of Suit plaint) has been posted and brought to the notice of Plaintiff is allowed. Leave to amend and implead "X" platform as Defendant No. 4 is therefore accordingly granted to Plaintiff. Amendment to that effect is permitted to be be carried out in the Suit and Interim Application within a period of one week from today online and offline. Reverification stands dispensed with.
18. In view of the above, ad-interim relief is hereby granted in terms of prayer clauses (a), (c) and (d) of the Interim Application which read thus:-
(a) Pass an order of temporary injunction restraining the Defendant Nos. 1 and / or 2 and their directors / proprietors / operators / partners / employees / agents /servants and / or affiliates and any 9 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 ::: P1. SL-11528-2026.odt persons claiming through them from using, copying, publishing, distributing, transmitting, communicating and / or disclosing / selling and / or leaking to any person the Internal Data stolen and / or appropriated by the Defendant Nos. 1 and / or 2 from the Plaintiff and any other information relating to the Plaintiff that is not available in the public domain by any medium whatsoever or on any platform whatsoever;
(c) Pass an order directing the Defendant Nos. 1 and 2 and / or their directors / proprietors / operators /partners / employees / agents / servants and / or affiliates and any persons claiming through them to delete all the Internal Data available in the computer, computer resource, computer network, computer system of Defendant Nos 1 and / or 2;
(d) Pass an order directing the Defendant Nos. 1 and 2 and /or their directors / proprietors / operators / partners / employees / agents / servants and / or affiliates and any persons claiming through them not to disclose / disseminate and / or publicise the captioned suit filed by the Plaintiff before this Hon'ble Court."
19. In view of the above, issue notice to the Defendants made returnable on 22.04.2026. Humdast permitted. In addition to Court's notice, Plaintiff is directed to serve copy of the Suit, Interim Application along with copy of this order on the Defendants and inform them about the next date of hearing by any permissible mode of service and file appropriate affidavit of service with tangible proof thereof on or before the next date.
20. Reply shall be filed by Defendants to the Interim Application on or before the next.
21. Stand over to 22nd April, 2026 for hearing of Interim Application.
22. All parties to act on a server copy of this order duly downloaded from Bombay High Court Website.
Amberkar [ MILIND N. JADHAV, J. ] Digitally signed by RAVINDRA RAVINDRA MOHAN MOHAN AMBERKAR AMBERKAR Date: 2026.03.31 17:41:20 +0530 10 of 10 ::: Uploaded on - 31/03/2026 ::: Downloaded on - 31/03/2026 20:44:29 :::