Teen Hacker Exposes Flaws in CBSE’s Online Marking System, Board Acknowledges Vulnerabilities
CBSE said that over the past few days an expert team of cybersecurity professionals from various government agencies and IITs have been working to strengthen the system's security infrastructure.
New Delhi: The Central Board of Secondary Education (CBSE) on Sunday in a social media post addressed the ongoing controversy around the On-Screen Marking and said that they are closely monitoring vulnerabilities identified in the OSM portal of its service provider after concerns were flagged in the public domain.
What did the CBSE say?
CBSE in a social media post said that over the past few days an expert team of cybersecurity professionals from various government agencies and Indian Institutes of Technology (IITs) have been working to strengthen the system's security infrastructure.
Taking to X, CBSE said that, "We have been closely monitoring the vulnerabilities in the OnMark portal of our service provider that are being flagged in the public domain. An expert team of cybersecurity professionals has been deployed over the last few days from across various arms of the government as well as the IITs to fortify these systems, including taking them over to a more secure set up."
"The identified vulnerabilities have been contained, and other exploitable weaknesses are being ruled out," it added.
We have been closely monitoring the vulnerabilities in the OnMark portal of our service provider that are being flagged in the public domain. An expert team of cybersecurity professionals has been deployed over the last few days from across various arms of the government as well…
— CBSE HQ (@cbseindia29) May 31, 2026
Did CBSE thank hackers?
The CBSE in the post also thanked alert citizens and ethical hackers who brought potential security issues to the board's attention.
In the post, CBSE said that it has already contacted some of these individuals directly and appreciated their role in helping improve the system's security.
Taking to X, CBSE wrote, "We are grateful to all alert citizens and ethical hackers pointing out such weaknesses, and have gotten in touch with some of them directly.
We request any others to reach out to our security teams at secy-cbse@nic.in for any further inputs."
