New Delhi, June 2, 2026 – The Central Board of Secondary Education (CBSE) faced a significant cybersecurity challenge on Tuesday as its newly launched re-evaluation portal, designed to address student concerns over Class 12 results, was subjected to a barrage of cyberattacks. The Board confirmed that malicious actors attempted to disrupt the platform, which opened for applications seeking marks verification and answer re-evaluation, with a particularly aggressive denial-of-service (DoS) attack generating nearly 1.5 million hits in a mere two minutes.
Despite these sophisticated attempts to cripple the system, the CBSE asserted that the portal remained operational, thanks to the vigilant efforts of its technical teams. The incident casts a shadow over the Board’s efforts to streamline its post-result scrutiny process, especially in the wake of widespread concerns regarding errors in this year’s Class 12 results, attributed in part to the first-time implementation of the On-Screen Marking (OSM) digital evaluation system.
Genesis of the Disruption: A Flawed Launch and Targeted Attacks
The launch of the Post-Result Activities portal, intended to offer a crucial avenue for students to seek clarification and correction of their examination marks, was marred by initial technical glitches and a delay in its operational rollout. Originally slated to open on June 1, the portal remained inaccessible throughout Monday, leading to considerable anxiety and frustration among students and school administrators alike. The prolonged downtime amplified concerns about the Board’s preparedness to handle the volume of applications and potential errors stemming from the new digital evaluation system.
The portal finally went live at 4 am on Tuesday, just as thousands of Class 12 students began logging in to initiate their requests for marks verification and re-evaluation. It was during this critical period of high user activity that the cyberattacks commenced. The CBSE, in a statement released on the social media platform X, detailed the nature of these malicious attempts.
"While thousands of students accessed the CBSE re-evaluation portal today, malicious actors attempted to disrupt services through a barrage of cyberattacks," the Board stated. The most impactful of these attacks was identified as a denial-of-service (DoS) assault, a common tactic used to overwhelm a server with excessive traffic, rendering it inaccessible to legitimate users. The sheer volume of nearly 1.5 million hits within a two-minute window underscores the intensity of this attack.
Beyond the DoS attack, the Board also reported over one lakh attempts at unauthorized file access during the same period. This suggests a multi-pronged approach by the attackers, aiming not only to disrupt service but potentially to gain access to sensitive data or manipulate system integrity.
Reassurance Amidst Adversity: CBSE’s Commitment to Students
In the face of these challenges, the CBSE was quick to reassure students that the platform remained functional and that their applications were being processed. The Board emphasized the proactive measures taken by its technical teams to counter the cyber threats and ensure uninterrupted service.
"Our teams remain vigilant and responsive to ensure our dearest students are facilitated in all ways possible," the CBSE declared in its statement, aiming to mitigate the anxiety caused by the reported attacks and the initial launch delay. This commitment was crucial, given the impending deadlines for university admissions and counseling sessions, which depend heavily on the timely completion of the re-evaluation process.
A Chronology of Events: From Delay to Defense
The sequence of events leading up to and following the cyberattacks paints a picture of a system under immense pressure.
- May 31, 2026 (Scheduled Launch): The CBSE announces that the Post-Result Activities portal will open for students seeking marks verification and re-evaluation.
- June 1, 2026: The portal fails to launch as scheduled, remaining inaccessible throughout the day. This triggers widespread complaints from students and school principals, who express concern over the delay and its impact on admission timelines.
- June 1, 2026 (Late Evening): A CBSE official, speaking on condition of anonymity, informs The Indian Express that technical teams are working diligently to stabilize the platform. The official acknowledges the inconvenience and mentions the involvement of IIT Madras and IIT Kanpur teams in enhancing the platform’s robustness.
- June 2, 2026 (4:00 AM): The Post-Result Activities portal finally goes live, offering students the ability to apply for verification and re-evaluation. The application window is set to remain open until midnight on June 6.
- June 2, 2026 (Morning/Afternoon): As thousands of students begin logging in, the portal experiences multiple cyberattack attempts, including a significant DoS attack that generates approximately 1.5 million hits in two minutes. Over one lakh attempts at unauthorized file access are also recorded.
- June 2, 2026 (Afternoon): The CBSE issues a statement confirming the cyberattacks but assures that the portal remains operational. The Board highlights the vigilance of its technical teams. By 3 pm, over 16,000 students had successfully submitted applications, with the system simultaneously supporting over 8,000 users.
Supporting Data and System Capabilities
The CBSE provided specific data points to illustrate both the user engagement with the portal and the scale of the cyberattacks. By 3 pm on Tuesday, the portal had successfully processed applications from over 16,000 students. Concurrently, the system was managing a substantial load of over 8,000 active users, demonstrating its capacity to handle significant traffic.
The re-evaluation portal is designed to facilitate a comprehensive post-result scrutiny process. Students who have already obtained scanned copies of their evaluated answer books can utilize the platform to address a range of issues, including:
- Missing Pages or Supplementary Sheets: Ensuring all parts of the answer booklet have been accounted for.
- Blurred Scans: Requesting clarity on illegible portions of the scanned answer sheets.
- Incorrect Answer Books: Addressing instances where the wrong answer booklet was scanned or evaluated.
- Evaluation Against Different Question Paper Sets: Rectifying errors where an answer was marked against an incorrect version of the question paper.
- Other Discrepancies: A catch-all for any other anomalies observed in the evaluation process.
Furthermore, students dissatisfied with the marks awarded for specific answers can formally request a re-evaluation of those particular questions. The application process requires students to log in using their credentials and Aadhaar number, with all applications and fee payments being handled exclusively online, thereby enhancing security and transparency.
In response to user feedback and to improve the application experience, the CBSE has also made adjustments to the platform. Notably, session time limits have been extended to make the application process "more convenient and seamless" for students.
Implications and Broader Context: Navigating the Digital Transition
The cyberattack on the CBSE re-evaluation portal occurs against a backdrop of heightened scrutiny of the Board’s examination and evaluation processes. The introduction of the On-Screen Marking (OSM) system, a digital evaluation method, for the first time this year, has been a significant shift. While OSM is intended to enhance efficiency and accuracy, its implementation has evidently been accompanied by teething problems, as evidenced by the concerns raised about errors in this year’s Class 12 results.
The revamped post-result scrutiny process, which now allows students to first access scanned copies of their evaluated answer books before proceeding with verification or re-evaluation, represents a departure from previous years’ procedures. This new sequence aims to empower students with more direct access to their evaluated work, facilitating a more informed approach to seeking redress.
The cyberattack, while a direct challenge to the operational integrity of the portal, also serves as a stark reminder of the evolving landscape of cybersecurity threats in the digital age. Educational boards, entrusted with the academic futures of millions, must invest in robust security infrastructure and continuous monitoring to safeguard their systems against malicious actors.
The incident highlights the delicate balance between implementing innovative digital solutions and ensuring their security and reliability. For students, the disruption, even if temporary, adds another layer of stress to an already anxious post-result period. The CBSE’s swift response and commitment to transparency are crucial in rebuilding confidence.
Looking ahead, the CBSE and other examination boards will need to learn from this experience. This includes strengthening their cybersecurity defenses, ensuring redundancy in critical systems, and developing comprehensive incident response plans. The ability to provide a secure and reliable platform for post-result activities is paramount, not only for student welfare but also for maintaining the credibility of the examination system itself. The successful navigation of these challenges will be critical as educational institutions continue their digital transformation journeys.
