ICAI Warns Against Unauthorized Access Attempts to Digital Platforms and Issues Cyber Advisory
The Institute of Chartered Accountants of India (ICAI), through a public announcement dated 17 July 2026, stated that it had recently noticed repeated unsuccessful attempts to gain unauthorized access to its digital portals and information systems. ICAI stated that unauthorized access, hacking, probing, manipulation, disruption, data extraction, data theft, misuse, or other unauthorized activities targeting its digital infrastructure are prohibited and punishable under the Information Technology Act, 2000 and the Bharatiya Nyaya Sanhita, 2023. The announcement lists activities including unauthorized access to computer systems, hacking, tampering with computer source documents, theft, alteration or misuse of electronic data, identity theft, impersonation, online fraud, and attacks on protected computer systems. ICAI stated that it follows a zero-tolerance policy towards cybercrime and continuously monitors and secures its digital infrastructure using technical, administrative and legal measures. It advised users to access digital services only through the official ICAI website and authorized applications and to exercise caution against phishing emails, fake websites and fraudulent mobile applications. ICAI also stated that it maintains audit trails and security monitoring mechanisms and will pursue remedies available under law against unauthorized access or attempted intrusion.
The Institute of Chartered Accountants of India
17th July, 2026
Public Announcement
Public Announcement on unauthorized access to ICAI Digital Platforms
Institute of Chartered Accountants of India (ICAI) noticed that repeated unsuccessful attempts were made recently to gain unauthorized access to its digital portals and digital information systems.
ICAI operates and maintains multiple Digital Platforms including websites, web applications, mobile applications, portals, APIs, databases and other information technology resources. Any attempted unauthorized access, hacking, probing, manipulation, disruption, data extraction, data theft, misuse or any other unauthorized activity directed against ICAI’s digital infrastructure is strictly prohibited and punishable offence under Information Technology Act, 2000 and Bharatiya Nyaya Sanhita, 2023.
Such acts may, inter alia, include the following:
- Unauthorized access to computer systems and computer resources, hacking, tampering with computer source documents, and theft, alteration, deletion or misuse of electronic data.
- Identity theft, impersonation, cheating using computer resources and online fraud.
- Unauthorized access to or attacks on protected computer systems and critical digital infrastructure.
ICAI follows a Zero Tolerance Policy towards cybercrime. ICAI continuously monitors and secures its digital infrastructure using appropriate technical, administrative, and legal measures. Any suspicious or unauthorized activity or attempts to hack the systems or digital platforms or data theft or misuse or similar such unauthorized and illegal activities will be dealt with sternly in accordance with law to ensure that the perpetrators would be severely punished.
It is recommended that all users avail ICAI digital services only through its official ICAI website and authorized applications. Users are advised to exercise due care and caution against phishing emails, fake websites, fraudulent mobile applications or any other attempt to impersonate ICAI. ICAI shall not be responsible for any loss arising from the use of unauthorized platforms or disclosure of credentials to unauthorized persons.
Warning: Any person attempting to compromise, interfere with, or misuse ICAI’s digital platforms, networks, or information systems should note that ICAI has comprehensive audit trails and security monitoring mechanisms in place. All incidents of unauthorized access or attempted intrusion shall be dealt with firmly, and the Institute will pursue all remedies available under the law.
