Back

CBSE Portal Cyberattack Affects 50 Students' Payment System

Severity: Medium (Score: 57.9)

Sources: Siasat, Devdiscourse, Thechenabtimes, Abhs.In

Published: 2026-05-30 · Updated: 2026-05-30

Keywords: cbse, breach, portal, payment, system, malicious, attack

Severity indicators: breach, rat, cyberattack

Summary

On May 30, 2026, the CBSE revaluation portal was compromised, allowing approximately 50 students to manipulate fee displays through a vulnerability in the HDFC payment gateway. Fees fluctuated dramatically from Re 1 to Rs 68,000 due to unauthorized access. The attack occurred when the portal was restored after a period of downtime, raising concerns about the security of the payment system. In response, the CBSE has integrated four additional public sector banks to enhance its payment infrastructure and migrated the system to Amazon Web Services (AWS) for improved reliability. IIT Madras and IIT Kanpur are conducting audits to identify and rectify vulnerabilities. A meeting between Union Education Minister Dharmendra Pradhan and Finance Minister Nirmala Sitharaman on May 24 addressed these issues, leading to immediate actions to strengthen the portal's security. Key Points: • Approximately 50 students exploited a vulnerability in the CBSE revaluation portal's payment system. • Fees displayed on the portal fluctuated from Re 1 to Rs 68,000 due to unauthorized access. • The CBSE is enhancing security by integrating four public sector banks and migrating to AWS.

Detailed Analysis

**Impact** Approximately 50 students gained unauthorized access to the CBSE revaluation portal’s payment system, manipulating fee amounts displayed from as low as Re 1 to nearly Rs 68,000. The incident affected the payment process for Class XII students nationwide, with an additional ~20 cases of incorrect scanned answer sheets issued out of over 1.13 million requests. The breach impacted the education sector in India and disrupted the post-result and revaluation workflows, causing operational delays and undermining payment integrity. **Technical Details** The attack exploited a vulnerability in the HDFC Bank payment gateway integration during the portal’s relaunch after downtime. The manipulation involved client-side tampering of payment amounts, likely due to a lack of server-side validation or cryptographic signing of transaction data before redirecting to the payment gateway. No specific malware, CVEs, or IOCs were reported. The system was migrated to AWS and integrated with four PSU bank gateways (State Bank of India, Canara Bank, Indian Bank, Bank of Maharashtra) as part of remediation efforts. **Recommended Response** Implement strict server-side validation and cryptographic signing of payment amounts tied to order IDs to prevent client-side tampering. Harden payment gateway integrations by conducting comprehensive security audits and penetration testing, prioritizing gateways under high load or outage conditions. Monitor transaction anomalies and access logs for unauthorized manipulations. Continue collaboration with cybersecurity experts and conduct regular system reviews post-migration to AWS.

Source articles (4)

  • CBSE Payment System Breach Exposes Malicious Attack — Devdiscourse · 2026-05-29
    The CBSE revaluation portal recently experienced a security breach, giving approximately 50 students unauthorised system access. Sources within the government highlighted the payment gateway associate…
  • 50 children breach CBSE portal in cyberattack — Siasat · 2026-05-30
    New Delhi: The CBSE revaluation portal’s payment system was hit by a “malicious attack”, with around 50 students gaining unauthorised access, government sources said on Friday. “There were some unauth…
  • CBSE Portal Attack: 50 Students Breached Payment, Fees Hit Rs 68,000 — Abhs.In · 2026-05-30
    Government sources said May 30, 2026 that ~50 students breached the CBSE revaluation portal via an HDFC gateway flaw, showing fees from Re 1 to Rs 67,000-68,000. Government sources told PTI on May 30,…
  • India: CBSE Portal Faces Malicious Attack, Affecting Approximately 50 Students — Thechenabtimes · 2026-05-30
    NEW DELHI: The Central Board of Secondary Education (CBSE) revaluation portal experienced a significant disruption due to a malicious cyber attack, impacting the payment system and affecting around 50…

Timeline

  • 2026-05-24 — Meeting between Education and Finance Ministers: Union Education Minister Dharmendra Pradhan discussed payment issues with Finance Minister Nirmala Sitharaman, leading to security enhancements.
  • 2026-05-30 — CBSE portal cyberattack confirmed: The CBSE revaluation portal was attacked, affecting around 50 students who manipulated fee displays through the HDFC payment gateway.
  • 2026-05-30 — New payment gateways integrated: CBSE integrated four public sector banks to strengthen its payment infrastructure following the attack.
  • 2026-05-30 — System migrated to AWS: The CBSE portal was migrated to Amazon Web Services to improve performance and reliability after the attack.

Related entities

  • Salt Typhoon (Apt Group)
  • Data Breach (Attack Type)
  • ChatGPhish (Vulnerability)
  • Trapdoor (Platform)
  • CBSE (Company)
  • Education (Company)
  • Amazon Web Services (Company)
  • AWS (Company)
  • India (Country)
  • CWE-200 - Exposure of Sensitive Information (Cwe)
  • CWE-798 - Use of Hard-coded Credentials (Cwe)
  • Government (Industry)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed