CBSE confirms no breach after teen hacker claims big vulnerabilities: Full story in 5 points
Follow UsCBSE denied the hack claims and said student data remains safe.
A 19-year-old researcher claimed to have found security issues in the system.
The issue added to concerns over trust and transparency in exams.
The Central Board of Secondary Education (CBSE) has responded after a 19-year-old cybersecurity enthusiast claimed to have found major flaws in its On-Screen Marking (OSM) system. The controversy gained attention online after claims surfaced that the portal used for evaluation could allow examiner impersonation, password resets and possible changes to marks. Nisarga Adhikary said he had reported the issues months earlier but received little to no response about the same. As criticism spread and concerns grew among students and parents, the board issued a public clarification. In its latest CBSE response, the board denied any breach of the actual evaluation platform and said the claims involved a testing environment. Here’s the complete story in 5 simple points.
SurveyPoint 1: What did the 19-year-old hacker claim
Nisarga Adhikary, who describes himself as an ethical hacker and cybersecurity researcher, claimed he explored the newly introduced OSM system after becoming curious about how digital evaluation worked.
According to him, he found multiple weaknesses that allegedly made it possible to bypass login protections, reset passwords and impersonate examiners. He also claimed that some security checks could be viewed through browser tools and that parts of the system relied on exposed JavaScript code.
Talking about the OSM portal hack, Adhikary said that ‘it was one of the easiest hacks of my life’. You don’t even need to know programming; you just need to know control point F and need to know the logic. That was the master vulnerability.’ He further added that the flaws were serious because they could affect the integrity of the evaluation process if exploited.
Also read: Your iPhone may soon detect if it has been snatched and lock itself automatically
Point 2: CBSE responds to the hack claim
Responding to the controversy, the board posted a clarification on its official X handle and rejected the suggestion that the live marking platform had been hacked. CBSE further clarified that the URL mentioned in public posts was not the portal used for actual answer-book evaluation.
According to CBSE, the site which is claimed to be compromised is a testing platform that contains sample data for internal review and testing purposes. The board also assured the parents and the students that real student marks, evaluation records or live examination data were not stored there and are safe with CBSE.
Clarification Regarding Claim of Compromise of CBSE OSM Portal
— CBSE HQ (@cbseindia29) May 26, 2026
In a post made by a user on social media, it has been claimed that the CBSE On Screen Marking (OSM) bearing URL: https://t.co/cuLrvsxzOH was compromised by him on 26.02.2026. This has also formed the basis for a few…
Point 3: Why did the issue trigger wider concern
CBSE is already facing scrutiny after many students raised concerns about irregularities in answer sheet access and result outcomes following the Class 12 results. Several students claimed that the answer sheets shown on the portal did not belong to them. Many students also complained that the handwriting on the papers displayed was inconsistent with their handwriting in the exams.
The recent reports of the hacking of the exam papers have therefore added to this ongoing debate on transparency and trust in the examination system.
Point 4: CERT-In and officials were reportedly informed
Adhikary said he reported the vulnerabilities to multiple authorities, including CERT-In and government-linked cybersecurity contacts, before making the issue public. He further added that the authorities only took limited action on his complaints, and he only published the technical explanations and demonstrations online, as he was not satisfied by the responses and actions from the concerned authorities.
Also read: Paid for UK visa online? Your passport and selfie may have been exposed in alleged data leak
Point 5: What did the Union Education Minister say
The matter has now moved beyond social media discussion, as the Union Education Minister Dharmendra Pradhan earlier directed officials to review the glitches and strengthen digital systems. Moreover, CBSE has also maintained a firm stance and said that the safeguards of the Class 12 students’ results remain in place and that the platform used for actual evaluation remains secure.
