JEE Advanced data leak? Researcher flags CBSE-like 'cloud flaw'; IIT Roorkee responds

Days after the declaration of Joint Entrance Examination, JEE Advanced 2026 results, a cybersecurity researcher has alleged that candidate-related data linked to the examination was publicly accessible due to a cloud storage configuration issue. It was flagged by Rylen Anil, a cybersecurity researcher. In his post, Anil claimed that infrastructure associated with JEE Advanced 2026 candidates and results had a cloud storage misconfiguration that allowed access to data without authentication.

According to the researcher, the issue was linked to a storage endpoint associated with JEE Advanced result infrastructure. He alleged that the configuration flaw exposed approximately 179,600 result records and around 187,300 admit-card PDF files. Anil further claimed that the accessible records included candidates' names, dates of birth, mobile numbers and other personal information.

To support the claims, the researcher attached screenshots that appeared to show a large collection of admit-card PDF files accessible through a directory-style listing. He described the issue as a publicly accessible cloud storage configuration error and compared it with concerns raised about digital infrastructure used by CBSE.

Also read 'Son Im Crine': A teen and techies Vs the CBSE; or how the battle over the OSM portal unfolded online

IIT Roorkee responds

The claim prompted a response from Indian Institute of Technology, IIT Roorkee, the organising institute for JEE Advanced 2026. Replying to his tweet, IIT Roorkee acknowledged a "configuration issue" and said corrective action was being taken on priority. However, IIT Roorkee clarified that the data stored was read-only which eliminates the chances of alteration.

IIT Roorkee said, "Thank you for pointing out the configuration issue in the cloud storage device. The same is being plugged on priority. The data stored was read-only and so there was no possibility of any alteration. We applaud your responsible and ethical behaviour." The response marks an acknowledgement by the organising institute that a configuration issue existed. However, IIT Roorkee did not confirm the scale of the alleged exposure cited by the researcher.

The development has drawn attention because JEE Advanced exam conducting body handles sensitive information of thousands of candidates seeking admission to the Indian Institutes of Technology (IITs).

Also read JEE Advanced cut-off 2026 rises across all categories; minimum marks for General, OBC, SC, ST announced

JEE Advanced 2026 results

A total of 1,79,694 candidates appeared for both papers of JEE (Advanced) 2026, of whom 56,880 qualified. Shubham Kumar from the IIT Delhi zone secured AIR 1 with 330 out of 360 marks, while Arohi Deshpande emerged as the top female candidate with CRL 77 and 280 marks. Female candidates accounted for 10,107 of the qualified candidates. The IIT Madras zone recorded the highest number of qualified candidates (14,294), followed by IIT Bombay (12,389).