After CBSE controversy, NTA re-exam portal under scanner over alleged data vulnerabilities and system weaknesses

Just days after controversy erupted over the Central Board of Secondary Education’s (CBSE) digital evaluation system, another major examination platform has come under the scanner. This time, attention has shifted to the National Testing Agency’s (NTA) re-examination portal, following claims by cybersecurity researchers about serious potential vulnerabilities that could expose sensitive administrative and user data.

Allegations Surface on Social Media

The concerns were raised by independent researchers on social media, sparking renewed debate over the security readiness of digital systems managing high-stakes examinations in India. Although these claims have not been independently verified, they have already caused anxiety among students, educators, and cybersecurity experts due to the nature of the data allegedly involved.

Dubai-based cybersecurity researcher Rylen Anil claimed on X that the NTA’s portal had a “superadmin login bypass” caused by weak credentials.

Potential Data Exposure Risks

According to the posts, the alleged vulnerability may have exposed information related to thousands of observers, centre coordinators, and examination centres. This reportedly includes names, email addresses, and phone numbers.

The researcher further suggested that the issue extended beyond data exposure. It was claimed that unauthorized access to the administrative dashboard could allow actions such as exporting data, generating appointment letters, managing observers, uploading templates, and handling administrative mappings.

Screenshots circulating online appeared to show parts of the portal interface. However it has not independently confirmed the authenticity of these images or the extent of any potential breach.

Portal Becomes Inaccessible

Around the time the allegations gained traction online, users reported that the portal link began displaying a “404 Not Found” message, raising further questions about the situation.

Background: CBSE OSM Controversy

This development comes amid ongoing concerns related to CBSE’s On-Screen Marking (OSM) system. In recent weeks, the board has faced criticism over issues such as discrepancies in scanned answer sheets, evaluation concerns, and cybersecurity vulnerabilities highlighted by independent researchers.

In response, CBSE acknowledged certain weaknesses and stated that cybersecurity professionals, government agencies, and experts from IIT Kanpur and IIT Madras had been engaged to strengthen the system.

Awaiting Official Confirmation

TOI had contacted the National Testing Agency for clarification regarding the allegations. Queries were raised on whether the reported vulnerabilities have been reviewed, if any candidate or administrative data was compromised, and whether any security audits or corrective actions have been undertaken.

As of the time of publication, no response had been received from the NTA.

As of now, the claims regarding the NTA portal remain allegations made by independent researchers. Official confirmation or detailed clarification from authorities is still awaited.

[With TOI inputs]