What Happened
In November 2023, the Institute of Chartered Accountants of India (ICAI), accessible via icai.org, suffered a major data breach when cybersecurity researchers at InsecureWeb detected an exposed 7.69GB trove of sensitive data, followed by a leak of an 8.3GB full SQL database dump on a hacker forum. The compromised information included highly sensitive records such as personal details of chartered accountants, members, and potentially related stakeholders, though exact data types like names, contact info, financial records, or credentials were not fully detailed in reports. No specific discovery or notification date beyond November 2023 was confirmed, and ICAI’s official responses in subsequent documents focused on unrelated topics like AI regulation and disciplinary matters without addressing the incident directly. The breach highlighted vulnerabilities in the organization’s database security, prompting exposure alerts but no public confirmation of remediation scale from the affected entity.
