Re-evaluation portal: CBSE reports massive cyberattack, records over 28,000 successful submissions

The Central Board of Secondary Education (CBSE) said on Tuesday that its re-evaluation portal came under a large-scale cyberattack as thousands of Class 12 students logged in to challenge their board exam results.
According to the board, "malicious actors" launched a coordinated attack aimed at disrupting services on the platform. The incident involved a denial-of-service (DoS) attack, with 1.5 million hits recorded within a two-minute period.
Officials also detected more than one lakh attempts at unauthorised file access during the attack.
Despite the disruption attempt, CBSE said the platform continued to function. By 10 pm on Tuesday, the portal was handling nearly 14,000 concurrent users and had processed more than 28,000 successful submissions.
"While thousands of students accessed the CBSE re-evaluation portal today, malicious actors attempted to disrupt services through a barrage of cyberattacks," the board said in a post on X.
Experts point to coordinated cyber operation
Cybersecurity experts said the scale of the incident indicated a deliberate and organised effort.
Srinivas L, Joint MD and Joint CEO at 63SATS Cybertech, described it as a "coordinated, two-pronged operation".
He said the surge in traffic may have been intended to divert attention from other activities.
"The denial-of-service attack appeared to be a smokescreen while the file-access probing suggested attempts to 'pull something out' of the system," he said.
"A flood of 1.5 million requests in two minutes alongside a lakh file access attempts isn't a glitch or a bored hacker," Srinivas added. "You don't throw that kind of volume at a portal unless you're trying to pull something out while everyone's busy fighting fire... But the CBSE held fort and still got thousands of students through. Credit where it's due."
However, he warned against complacency.
"Holding the fort once isn't a strategy but rather just plain luck wearing a uniform," he said.
He added that when handling children's data, "cyber resilience isn't a feature you switch on at result time. It's the foundation the whole thing sits on and runs continuously".
Re-evaluation portal open until June 6
The online facility is available for Class 12 students who are dissatisfied with their evaluation and have already obtained scanned copies of their answer books.
The portal opened on June 2 and will remain available until midnight on June 6. CBSE said offline applications and late requests will not be accepted.
Students must log in through the official CBSE website using their Aadhaar number. Those without Aadhaar may use the Aadhaar details of a parent or guardian, provided the name, date of birth and gender match the identification used.
CBSE has prescribed the following fees:
- Verification of issues such as missing pages, supplementary sheets or blurred content: ₹100 per answer book
- Re-evaluation: ₹25 per question
Payments can be made through UPI, credit card, debit card or net banking.
The board said that once a student clicks the "freeze and proceed to payment" button, the submitted details cannot be changed. Only one application per student is allowed for each process.
Security strengthened after scrutiny
The launch of the portal comes after a period of scrutiny for CBSE. The platform was expected to go live by May 29 but was delayed.
Parents and students had earlier raised concerns about the board's On-Screen Marking (OSM) system, citing technical glitches and evaluation discrepancies.
CBSE said it has already introduced improvements following feedback, including extending session time limits to reduce the chances of users being logged out prematurely.
"Our teams remain on constant watch to ensure a secure, reliable and student-friendly platform," the board said.
The statement follows a Sunday announcement that a specialised team of experts from government agencies and the Indian Institutes of Technology (IITs) had been deployed to strengthen the portal's security architecture.