CBSE Portal Security Breach Exposed After Hacker Discovers Flaws
Central Board of Secondary Education (CBSE) Acknowledges Digital Evaluation System Vulnerabilities
The Central Board of Secondary Education (CBSE) has acknowledged vulnerabilities in its digital evaluation system following reports of security weaknesses in the OnMark portal used for On-Screen Marking (OSM).
According to sources, the vulnerabilities identified in the OnMark system allowed for unauthorized access to sensitive examination-related resources, including scanned answer sheets and question papers stored on a misconfigured cloud storage bucket.
This exposure posed a significant risk to the security and integrity of the exam process.
The issue came to light when an ethical hacker, Nisarga Adhikary, publicly disclosed the vulnerabilities on social media and his blog.
The board promptly responded by acknowledging the existence of the weaknesses and stating that immediate corrective action had been initiated to strengthen the platform.
- A team of cybersecurity professionals has been deployed to examine the platform for vulnerabilities, evaluate potential risks, and implement additional safeguards to enhance overall system resilience.
- The board has also expressed appreciation for the efforts of ethical hackers and citizens who responsibly report security concerns, highlighting the importance of their contributions to strengthening digital security.
In a statement, the board emphasized the importance of safeguarding examination-related data and assured stakeholders that all reported issues were being thoroughly reviewed.
The board also clarified that the URL mentioned in social media discussions was not part of the live evaluation environment used for actual answer-sheet assessment, but rather a testing environment containing sample data.
The incident has sparked a broader debate about data security and the reliability of digital evaluation systems in India’s education sector.
- Experts and policymakers are calling for increased vigilance and robust security measures to protect sensitive information and ensure the integrity of the exam process.
- Cybersecurity specialists note that large digital platforms handling sensitive information should undergo regular penetration testing, third-party audits, and responsible disclosure programs to prevent similar incidents.
- They emphasize the need for continuous monitoring and proactive risk management to maintain a mature cybersecurity framework.
For now, the CBSE has assured stakeholders that all security-related concerns are being addressed, and necessary measures are being implemented to enhance the safety of its evaluation ecosystem.
The outcome of the ongoing review and potential reforms will be closely watched by students, parents, educators, and policymakers across the country.
About Author
English