Stolen Leads, Fake Booking IDs, ₹66 Lakh Revenue Loss: How a Spreadsheet Led to an Ex-Parte Injunction in Cordelia Cruises’ Data Theft Case

The Court passed an ex-parte ad-interim injunction against the respondents on ground of data theft, protecting complainant’s proprietary customer database upon observing that a prima facie case has been established showing unauthorized data copying, download, and extraction within the strict definition of Section 43(b), Information Technology Act, 2000.

data theft ad-interim injunction proprietary customer database

Electronics, Information Technology and Artificial Intelligence Department, Mumbai: In a complaint filed under Section 43(b), Information Technology Act, 2000, seeking statutory compensation, damages and strict injunctive reliefs against the respondents on the ground of data theft, the Adjudicating Officer Virendra Singh, passed an ex-parte ad interim injunction against the respondents to protect the complainant’s proprietary customer database, upon perusing the forensic audit reports and prohibited the respondents from accessing, printing, copying, formatting, distributing, utilising, disseminating, or exploiting the complainant’s proprietary customer databases, lead lists, electronic charts, or operational records, stolen or exfiltrated and from utilising the registered trade marks, copyrighted logos, vessel imagery or brand designations of Cordelia Cruises under any frontend configuration to pretend affiliation.

Background

The complainant company, Waterways Leisure Tourism Limited, a premier cruise liner operator trading under the brand name Cordelia Cruises, contended that Respondent 1, an employee entrusted with access to highly sensitive corporate repositories and internal email infrastructure, colluding with Respondents 2 and 3, breached his access privileges exfiltrating digital user records, prospective customer identities and corporate leads from the complainant’s internal networks and diverted the stolen customer leads to unlisted, competing entities managed by the co-respondents, misrepresenting themselves to internal leads as authorised agents and induced innocent customers to process advance ticket payments directly into the independent corporate bank channels of co-respondents, leading to system-wide auto-cancellations, direct revenue diversion and profound brand degradation.

As per the complainant, an independent forensic audit conducted by Grant Thornton Bharat LLP revealed critical vulnerabilities and rogue exfiltration vectors upon a technical examination of the digital infrastructure. The Electronic Scheduled Information (ESI) takeout demonstrated that Respondent 1 diverted data bundles while marking official corporate links in CC by misleading the clients.

The forensic data analysis further revealed 263 verified instances of age-category manipulations, adults falsely logged as children or infants, causing an intentional revenue deficit of ₹38.88 lakhs, and 50 instances of fraudulent application of inactive pricing models (companion offers and free upgrades) generating a quantified revenue leak of ₹26.08 lakhs. Screenshots of high-value payment summaries aggregating to ₹1.68 lakhs were also recovered, mapped to fictitious booking IDs entirely absent from the complainant’s central transaction engine.

An organised mismatch was confirmed between the main passenger Booking Dump and the Reverse Manifest obtained from the vessel engine portal (Resco), containing age-category manipulations, fraudulent application of inactive pricing models, programmatic threats, specifically screenshots of high-value payment summaries mapped to entirely fictitious booking IDs absent from the complainant’s central transaction engine.

Thus, 2 FIRs were registered, one in Worli and the other in Bangalore, confirming systemic, trans-state operational clones continuously switching frontend banners.

Since the legal notice was disregarded, the Complainant approached under Section 43(b), Information Technology Act, seeking maximum statutory compensation, damages, and strict injunctive reliefs.

There was no written reply, status report or representation from the respondents.

Analysis and Decision

Referring to forensic imaging reports, email communication trails, and the Grant Thornton data analysis, the Court observed that a prima facie case has been established showing unauthorised data copying, download, and extraction within the strict definition of Section 43(b), IT Act, 2000.

Therefore, the Court proceeded with passing an ex parte ad interim injunction order directing that Respondents 1, 2, and 3, along with their operational affiliates, agents, associates, and proxies are strictly restrained and prohibited from accessing, printing, copying, formatting, distributing, utilising, disseminating, or exploiting the complainant’s proprietary customer databases, lead lists, electronic charts, or operational records stolen or exfiltrated from the systems of the complainant.

Further directions prohibited the respondents from utilising the registered trade marks, copyrighted logos, vessel imagery or brand designations of Cordelia Cruises under any frontend configuration to pretend affiliation or dupe the public.

The Court directed the complainant to deploy strict systemic process improvements, including mandatory KYC verification for client profiles, automated cryptographic controls blocking manual discount overrides, full API integration between the Admin Portal and the Resco vessel engine, and a strict zero-device call center policy on production floors.

The police stations concerned were directed to submit the investigation report in the next hearing.

[Waterways Leisure Tourism Ltd. v. Sanaullha Saifula Sheikh, Complaint Case No. 1 of 2026, decided on 23-6-2026]


Advocates who appeared in this case:

For Complainant: Prashant Mali

Join the discussion

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.