&w=1200&q=75)
Cybersecurity Flaw in NTA's Re-Examination Portal Poses Risk to Sensitive Data
NTA Re-Examination Portal Breach Could Expose Sensitive Data of Officials, Claims Researcher
Image: Times Now News
A cybersecurity researcher has identified vulnerabilities in the National Testing Agency's (NTA) re-examination portal, potentially exposing sensitive data of thousands of officials. The breach allows unauthorized access to critical information, prompting NTA to take immediate action to secure the portal.
- 01The breach could expose sensitive information of approximately 7,900 observers, 676 city coordinators, and 5,400 exam centre superintendents.
- 02The researcher, Rylen Anil, found that weak credentials allowed access to the Superadmin Dashboard, enabling the export of sensitive data.
- 03NTA swiftly took down the portal following the discovery and is working to address the vulnerabilities.
- 04Rylen Anil also reported a separate issue with JEE Advanced 2026's cloud storage, exposing data of 179,600 candidates.
- 05IIT Roorkee acknowledged the cloud storage misconfiguration and is addressing the issue promptly.
Advertisement
In-Article Ad
A cybersecurity vulnerability in the National Testing Agency's (NTA) re-examination portal has been reported by independent researcher Rylen Anil. He claims that the portal's superadmin login could be easily bypassed using weak credentials, potentially exposing sensitive data of 7,900 observers, 676 city coordinators, and 5,400 exam centre superintendents. This breach could allow unauthorized individuals to access the Superadmin Dashboard, enabling them to export sensitive information, generate appointment letters, and manipulate exam processes. Following the discovery on May 31, NTA took immediate action to secure the portal by taking it offline. Additionally, Rylen highlighted another vulnerability in the JEE Advanced 2026 candidate/result infrastructure, which exposed data of 179,600 candidates due to public cloud storage misconfiguration. The Indian Institute of Technology (IIT) Roorkee, responsible for JEE Advanced 2026, confirmed that they are addressing the issue and commended Rylen for his responsible reporting.
Advertisement
In-Article Ad
The breach poses significant risks to the privacy and security of officials involved in examination processes.
Advertisement
In-Article Ad
Reader Poll
How concerned are you about data breaches in educational institutions?
Connecting to poll...
More about National Testing Agency
Read the original article
Visit the source for the complete story.