CBSE says OnMark vulnerabilities contained after teen hacker flags access to answer sheets, question papers
Aatif Ammad | May 31, 2026 | 03:30 PM IST | 2 mins read
Board deploys cybersecurity experts from government agencies and IITs; political row erupts over alleged exposure of student records
Download this ebook to explore 50+ entrance exams after Class 12 for admission into top undergraduate colleges across engineering, management, law & more.
Download NowThe Central Board of Secondary Education (CBSE) has said it has contained vulnerabilities detected in the OnMark portal of its service provider after allegations surfaced online that scanned answer sheets and question papers were publicly accessible through a misconfigured cloud storage system.
Latest: IIT Courses After Class 12th PCM Without JEE | JEE Main 2027 Mock Test
Also See: Foreign Universities in India | Liverpool | York | Bristol | Victoria
The issue gained attention after a 19-year old ethical hacker Nisarga Adhikary claimed on social media that an Amazon Web Services (AWS) storage bucket linked to the system could be accessed without authentication. As per Adhikary, users were allegedly able to browse and download scanned answer booklets and question papers from 2026 examinations.
In a post on X, Adhikary wrote that the cloud storage configuration allowed public listing of files. He alleged that multiple institutions were using the same bucket , potentially exposing a large volume of academic records.
CBSE in its post on X said it had been monitoring the reported vulnerabilities and had launched an extensive security review.
CBSE deploys cybersecurity experts
In its statement, the board said cybersecurity specialists from government agencies and the Indian Institutes of Technology (IITs) had been engaged to strengthen the affected systems.
CBSE said it had been monitoring the vulnerabilities reported in the OnMark portal and had initiated corrective measures. In a post on X, the board said an "expert team of cybersecurity professionals" from government agencies and IITs had been deployed to strengthen the system and move it to a more secure setup.
The board added that the identified weaknesses had been contained and that additional reviews were underway to determine whether any other exploitable issues remained.
CBSE also thanked ethical hackers and citizens who brought the matter to its notice. The board said it had directly contacted some of the individuals who flagged the vulnerabilities and invited others to share inputs with its security team.
CBSE OnMark Portal: Data exposure allegations
The controversy also drew political attention. Congress leader Jairam Ramesh shared Adhikary's claims and questioned the security of student records.
"In today's developments on Mantri Pradhan's Ministry of Scandals, the answer sheets of 2 million CBSE Grade 12 students have been shown to be available in the public domain. This is a data breach of monumental proportions and it compromises the privacy of 2 million students," Ramesh wrote on X.
He further raised questions about the quality of the scanned answer sheets that surfaced online and sought clarification on the scanning systems used by the service provider.
The development comes months after Adhikary had earlier highlighted alleged security flaws in CBSE's digital evaluation ecosystem.
While the board maintains that the reported vulnerabilities have now been addressed, the incident has once again brought attention to cybersecurity practices surrounding large-scale examination and evaluation platforms used by educational institutions.
Follow us for the latest education news on colleges and universities, admission, courses, exams, research, education policies, study abroad and more..
To get in touch, write to us at news@careers360.com.
Quick Watch
]Next Story
]PM-SETU stumbles on first step as MSDE scheme to upgrade ITIs struggles to find industry partners
Ministry of skill development’s scheme for revamping Industrial Training Institutes, sees low interest from industries. Meanwhile, govt ITIs decline with outdated courses, poor infra
Shradha Chettri | 2 mins readFeatured News
]- Maharashtra hostels for SC, ST students run without wardens, overcrowded; some ‘bogus’: CAG report
- 'Diagnosed with SLD by accident’: Adults fighting ADHD, dyslexia, dyscalculia have neither measure nor relief
- Over 70% Indians in Germany find right job, fit into workforce, but language a major hurdle: Study
- AISHE Report: SC, ST faculty at just 10% and 3%, women drop from 44% at entry level to 27% at professor rank
- Has DST scrapped INSPIRE-SHE scholarship? No notice, list, budget or clarity leaves students wondering
- In National Pharmacy Commission Bill, exit test after B.Pharm, board for AYUSH and reduced state role
- UDISE+ 2025-26: SC, OBC enrolment hits 6-year low; over 8,000 govt schools shut in a year as 26 lakh drop out
- NIPER Hyderabad, Ahmedabad bet on COEs, revamping pharmacy syllabus with AI, med-tech courses: Director
- Visva Bharati Recruitment: Complaint to PM alleges DR selection records destroyed; varsity says ‘ridiculous’
- Sowa Rigpa: India’s Tibetan medicine students must know the language before they treat patients