In a significant lapse of data security, a senior official at ICICI Lombard General Insurance Company inadvertently disclosed sensitive draft financial information on a personal social media platform. The incident, which involves the premature sharing of unaudited results, has prompted the company to issue urgent warnings to investors and report the matter to stock exchanges.
The Accidental Disclosure on WhatsApp
A designated person at ICICI Lombard General Insurance Company unintentionally posted details of the company's unaudited draft financial results for the quarter and nine months ended December 31, 2025. This sensitive information appeared on the individual's personal WhatsApp Status on January 9, 2026, at approximately 5:44 PM. According to the company's regulatory filing, the official became aware of the error and removed the post within an hour of its upload.
Company's Immediate Response and Actions
ICICI Lombard acted swiftly following the discovery of the leak. The firm formally notified the stock exchanges about the incident on Saturday, January 10, 2026. In its filing, the company stated this action was taken as a precautionary measure and in line with good corporate governance practices.
The company's board meeting to consider and approve the audited financial results and statements for the same period is still scheduled for January 13, 2026. ICICI Lombard has explicitly warned investors not to rely on any financial information that has not been officially released after the board's approval. The draft results shared on WhatsApp are subject to change during the final audit process and lack board sanction.
Internal Inquiry and Regulatory Compliance
In response to the breach, ICICI Lombard has initiated a formal internal inquiry. This investigation will be conducted in accordance with the SEBI (Prohibition of Insider Trading) Regulations, 2015, the company's own Insider Trading Code, and other relevant internal policies. The findings of this inquiry will be shared with the stock exchanges upon completion.
Furthermore, the company has committed to informing both its Audit Committee and its full Board of Directors about the incident during their upcoming meeting. This step underscores the seriousness with which the company is treating the unauthorized disclosure.
This event highlights the critical importance of cybersecurity protocols and employee training in handling confidential corporate data, especially for listed entities where such information can significantly impact market dynamics.
