Cybersecurity warning caps disastrous summer for India’s crucial entrance exams
Cybersecurity warning caps disastrous summer for India’s crucial entrance exams
https://uk.news.yahoo.com/cybersecurity-warning-caps-disastrous-summer-110709077.html
Publish Date: 2026-06-01 07:07:00
Source Domain: uk.news.yahoo.com
An Indian school exam board has admitted flaws in its online grading system’s cybersecurity, which has impacted thousands of pupils and added to a series of challenges facing the education department of the country.
The government-run Central Board of Secondary Education (CBSE) in a post on X said it has been “closely monitoring” weaknesses in the OnMark portal after a teenager, who identified himself as an “ethical hacker,” revealed flaws in the system.
It was the latest issue to affect India’s education sector amid intensified calls for the education minister to resign following the high-profile cancellation of a national exam for medical students.
Last month, thousands of students reported discrepancies in their marks on school-leaving exams, which were allegedly linked to the OnMark portal. The portal, introduced this year, is a digital evaluation system that scans physical answer sheets and uploads them online for assessment by teachers.
Around 1.8 million students took the school-leaving exams in 2026, the results of which were announced on 13 May.
The row ensued after students claimed that the physical answer sheets they received differed from the digital copies provided by the education board as part of the re-evaluation process.
The controversy worsened after Nisarga Adhikary, a teen cybersecurity researcher, claimed the portal could have permitted a full takeover of an examiner’s account and potentially allowed tampering with marks. He said he disclosed five critical vulnerabilities in the marking portal to the country’s computer emergency response team on 25 February.
“We have been closely monitoring the vulnerabilities in the OnMark portal of our service provider that are being flagged in the public domain,” the CBSE said in a statement. “The identified vulnerabilities have been contained, and other exploitable weaknesses are being ruled out.
“We are grateful to all alert citizens and ethical hackers pointing out such weaknesses, and have gotten in…
