Mumbai: Observing that what has been pointed to it is “most disturbing”, Bombay high court last week restrained a group and unknown others from making any disclosure, public or otherwise, of allegedly hacked sensitive information about children of many schools in Mumbai and abroad run by a charitable trust and another company that runs schools. The HC also directed Google to block email IDs used by the alleged hackers.The trust and the corporate entity petitioned the HC for urgent relief, saying it had received an email for ransom of $7,50,000, failing which the hacker group threatened to make public confidential information, followed by a June 10 email to one parent divulging highly confidential information regarding certain students.In the June 12 order, Justice Arif Doctor said, “The disclosure of such highly sensitive and confidential information, particularly with regard to the mental health issues of the children, could indeed have grave and deleterious effects, in particular on the children themselves.” The HC, after hearing senior counsel Birendra Saraf for plaintiffs, observed that a case for urgent ex-parte (without hearing the other side) was made out.Saraf submitted that a notice to the other side at this stage would “in all likelihood, defeat its very purpose” of seeking urgent relief. Saraf contended the two entities “run various educational institutions in which thousands of children are enrolled and imparted education”.He submitted that they had been “constrained to file the suit since the applicants had fallen victim to an incident of hacking by which the databases of the applicants, which contain confidential and highly sensitive information pertaining to children…have been compromised”. Saraf pointed out that the information included not only details of the children’s movements, “when and from where they travel to school, but also details of medical conditions, including those affecting the mental health and well-being of various children”.An alleged ransom email was shown to the court where the sender described himself as a “cybercriminal”, the HC order noted. The email allegedly set out the “stage-wise manner” proposed to “enforce the threat set out in the said email”. An exchange of correspondence ensued pursuant to the email, HC was informed. The HC sought details of the information which Saraf undertook to file an affidavit to bring it on record. The HC accepted.The HC said from what was pointed out in court “vocation, income and other details of parents” have also been compromised. “Such information, if made public, could also potentially pose a grave risk to the safety of the children,” the HC said and posted the matter to July 1 for further hearing and orders.
