CBSE Admits Security Gaps In Online Marking Portal

The Central Board of Secondary Education (CBSE) has publicly acknowledged vulnerabilities in its On-Screen Marking (OSM) system amid growing concerns about the security of the digital platform used for evaluating Class 12 answer sheets. This admission represents a significant shift from the board’s previous stance, where it had denied any major breaches and attributed concerns to an incorrect URL and issues with the testing portal.

The controversy gained traction after ethical hackers and students raised alarms regarding the safety of sensitive examination data stored online. In an official statement posted on X, CBSE stated that it is closely monitoring the vulnerabilities identified in the OSM portal operated by its service provider and has initiated corrective measures to enhance security.

According to CBSE, a team of cybersecurity experts from government agencies and Indian Institutes of Technology (IITs) has been working to secure the platform over the past few days. The board noted that the identified vulnerabilities have been addressed and that the portal is being transitioned to a more secure infrastructure to prevent further exploitation.

The issue gained attention after 19-year-old ethical hacker Nisarga Adhikary claimed that answer sheets and question papers stored in an AWS bucket were publicly accessible online. His allegations sparked a nationwide debate regarding the security of CBSE’s digital ecosystem and raised concerns about data protection in the education sector.

Further scrutiny arose when 17-year-old Class 12 student Sarthak Sidhant analyzed CBSE tender documents and alleged that certain security requirements and eligibility criteria were relaxed during the tendering process. According to these allegations, such changes facilitated Hyderabad-based Coempt Eduteck in securing the contract for the On-Screen Marking system.

CBSE also expressed gratitude to ethical hackers and vigilant citizens who reported vulnerabilities in the system. The board stated that it had reached out to some individuals directly and invited others to report security concerns through its official email.

This development has intensified discussions about digital security, transparency, and accountability in India’s education system, especially as millions of students rely on online evaluation systems for crucial board examinations.