Balgopal Commercial Board Meeting Scheduled on May 22, 2026 to Consider Audited Financial Results for Q4FY26

Balgopal Commercial Limited has notified the BSE of an upcoming Board of Directors meeting to deliberate on its audited financial results for the quarter and year ended March 31, 2026. The intimation, dated May 14, 2026, was filed by Company Secretary and Compliance Officer Ankit Ladha in compliance with Regulation 29 of the applicable listing regulations.

Board Meeting Details

The meeting is set to be held on Friday, May 22, 2026, at 11:30 a.m. at the company's Registered Office. The key agenda items and meeting parameters are outlined below:

Parameter:	Details
Meeting Date:	Friday, May 22, 2026
Meeting Time:	11:30 a.m.
Venue:	Registered Office, Mumbai
Agenda:	Audited Financial Results (Standalone & Consolidated)
Period Under Review:	Quarter and year ended March 31, 2026
Intimation Date:	May 14, 2026

Agenda and Purpose

The Board of Directors will convene to consider, approve, and take on record the audited financial results of the company on a standalone as well as consolidated basis for the quarter and full year ended March 31, 2026. In addition to the financial results, the board may also discuss any other matter with the permission of the chair.

Filing and Compliance

The intimation was addressed to the Department of Corporate Services, BSE Limited, Phiroze Jeejeebhoy Towers, Dalal Street, Mumbai. The notice was digitally signed by Ankit Ladha, Company Secretary and Compliance Officer, bearing ICSI Membership No. A74941, on May 14, 2026. The company's registered office is located at 901, 9th Floor, Crescent Royale, CTS No. 720/42-46, Oshiwara Village, Andheri (West), Near VIP Plaza, Off New Link Road, Mumbai – 400053.

1 Day	5 Days	1 Month	6 Months	1 Year	5 Years
-0.31%	+2.34%	-0.03%	-19.70%	+19.37%	+5,144.26%

Balgopal Commercial Limited has filed a disclosure under Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, informing stock exchanges of a cybersecurity incident at a third-party service provider engaged by the company for hosting and managing its official email systems and website. The disclosure, signed by Company Secretary and Compliance Officer Ankit Ladha, is dated 11 May 2026.

Nature of the Cybersecurity Incident

The incident originates from a critical zero-day vulnerability, identified as CVE-2026-41940, affecting servers running the latest versions of cPanel/WHM. This vulnerability was disclosed by cPanel on 30 April 2026, with the advisory noting that it could potentially allow unauthorized access to hosting control panels, resulting in modification or deletion of user data. The company's third-party service provider, AapKaHost, communicated that despite immediately implementing the required security updates and mitigation measures upon receiving the advisory, its hosting infrastructure was subjected to a sophisticated cyberattack. The attacker gained unauthorized access and severely damaged user data and services, with multiple suspicious files identified on certain user accounts.

Impact on Data and Operations

The following table summarises the key details of the incident and its impact as disclosed by the company:

Parameter:	Details
Disclosure Date:	11 May 2026
Vulnerability Identified:	CVE-2026-41940
Vulnerability Disclosed By:	cPanel on 30 April 2026
Systems Affected:	cPanel/WHM latest versions
Service Provider:	Third-party hosting and email management provider
Impact on Email:	Disruption of email communication services
Impact on Website:	Temporary unavailability; website taken offline
Data Status:	Database server data deleted; historical backups removed by attacker
Data Recovery:	Certain data may be partially recoverable or unrecoverable
Remediation Action:	Recoverable data migrated to a new server environment

The attacker allegedly deleted the database server data as well as historical backup data from the compromised environment, thereby restricting restoration from backup sources. As the old server environment was deemed no longer secure or trustworthy, all remaining recoverable data has been migrated to a new server environment.

Company's Clarifications and Precautionary Measures

Balgopal Commercial has clarified that the incident occurred at the level of the external service provider and not within the company's internal IT infrastructure. The company is in continuous coordination with the service provider to assess the nature and extent of the incident, and the impact on the company's data and operations is currently being evaluated.

As precautionary measures, the company has:

Temporarily taken its website offline
Flagged that email communications may be disrupted or unreliable
Advised stakeholders to exercise caution and verify any communication claiming to be from the company during this period

The service provider is currently undertaking restoration and remediation measures, including efforts to recover website content from alternative resources. The company has also stated it is reviewing additional safeguards to mitigate such risks going forward.

Regulatory Disclosure and Next Steps

The disclosure was made to BSE Limited in compliance with Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015. A copy of the communication dated 11 May 2026 received from the third-party service provider has been enclosed as Annexure – A with the filing. Balgopal Commercial has committed to keeping the stock exchange informed of any further material developments in this regard.