Back

Massive Data Breach Allegedly Exposes CBSE Answer Sheets of 2 Million Students

Severity: High (Score: 63.0)

Sources: Thestatesman, Madhyamamonline

Published: 2026-05-31 · Updated: 2026-05-31

Keywords: congress, answer, alleged, cbse, sheet, massive, breach

Severity indicators: breach, massive breach

Summary

The Indian National Congress has alleged that answer sheets of nearly two million Class 12 students from the Central Board of Secondary Education (CBSE) have been exposed online. Congress leader Jairam Ramesh criticized the Union government for failing to protect sensitive student information, calling the incident a massive breach of privacy. He pointed out that the leaked documents showed signs of poor scanning quality, suggesting they were captured using mobile phones instead of professional equipment. The allegations also include claims that an improperly configured storage bucket allowed public access to these files. Ramesh demanded accountability from COEMPT, the contractor responsible for digitization and evaluation, and called for a Central Bureau of Investigation probe. The incident has raised serious concerns about data security and the management of examination processes within educational institutions. The Congress party has renewed calls for the resignation of Union Education Minister Dharmendra Pradhan. Key Points: • Nearly two million CBSE Class 12 answer sheets allegedly exposed online. • Congress blames the government and COEMPT for severe lapses in data security. • Leaked documents reportedly show poor scanning quality, raising further concerns.

Detailed Analysis

**Impact** Approximately two million Class 12 students under the Central Board of Secondary Education (CBSE) in India are affected by the exposure of their answer sheets. The breach compromises sensitive student data, including examination responses and potentially question papers from the 2026 exams. This incident impacts the education sector nationally, raising privacy and data security concerns for millions of students and their families. The operational integrity of CBSE’s digitisation and evaluation processes is also at risk. **Technical Details** The breach reportedly resulted from an improperly configured storage bucket that allowed public access to CBSE-related files. The digitised answer sheets appear to have been scanned using mobile phones or low-quality scanners rather than professional or robotic scanning equipment, following changes in the tender requirements. No specific malware, CVEs, or attack infrastructure details are provided in the articles. The incident corresponds to a data exposure phase in the kill chain, likely due to misconfiguration and procedural lapses. **Recommended Response** Immediate review and reconfiguration of cloud storage permissions and access controls are critical to prevent further unauthorized data exposure. Conduct a thorough audit of the digitisation contractor’s equipment and processes to ensure compliance with technical requirements. Deploy monitoring for unusual data access patterns related to examination data repositories. No specific malware detections or patches are mentioned; focus should be on securing storage configurations and validating contractor adherence to security protocols.

Source articles (2)

  • Congress alleges massive CBSE answer sheet data breach — Madhyamamonline · 2026-05-31
    The Indian National Congress on Sunday alleged that the answer sheets of nearly two million Class 12 students under the Central Board of Secondary Education had been exposed online, raising serious co…
  • Congress raises alarm over alleged CBSE answer sheet leak, questions evaluation contractor — Thestatesman · 2026-05-31
    Congress leader Jairam Ramesh on Sunday alleged that the answer sheets of nearly two million CBSE Class 12 students had been exposed in the public domain, describing the incident as a massive breach o…

Timeline

  • 2026-05-31 — Congress alleges CBSE answer sheet data breach: Jairam Ramesh claims that answer sheets of 2 million students were exposed online, demanding accountability from the government and COEMPT.
  • 2026-05-31 — Congress criticizes handling of student data: Ramesh accuses the Union government of negligence in protecting sensitive student information and calls for a CBI probe.

Related entities

  • Data Breach (Attack Type)
  • Central Board Of Secondary Education (Company)
  • Education (Company)
  • CWE-200 - Exposure of Sensitive Information (Cwe)
  • CWE-862 - Missing Authorization (Cwe)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed