wordpress blog stats
Connect with us

Hi, what are you looking for?

“All data encrypted”: CBSE denies personal data breach of NEET candidates

The names, phone numbers and email addresses have been blacked out to protect the privacy of the individuals.

The CBSE has denied any breach of personal data of 2018 National Entrance Cum Eligibility Test (NEET) candidates saying the allegations “appears to be the handiwork of certain unscrupulous persons with the objective of duping the gullible public.” The CBSE issued the statement in response to a letter Congress President Rahul Gandhi wrote to the board asking it to act on multiple media reports on the data leak of NEET candidates.

No question of breach, all data encrypted: CBSE

The board has said that there was “no question of any breach of data or any misuse of data by the CBSE” as all the data of all 1.3 million NEET 2018 candidates was maintained “only in encrypted format with strict security measures with the National Informatics Centre.” Even when CBSE accesses data from the NIC, which hosts data of several government websites, “it does not contain personal details such as mobile numbers, details of identification documents, email IDs, etc.”

The entire data of more than 13,26,725 candidates of NEET-UG was maintained only in encrypted format with strict security measures with National Informatics Centre (NIC). So much so that, even in the printout of the confirmation page downloaded by the candidates, the vital details such as identification documents, mobile and email ID are in the encrypted format.

…The National Informatics Centre host several government data in highly secured environment…

There is no question of any breach of data or any misuse of data by CBSE. Rather, CBSE has a full proof system of conducting search prestigious and high stake examinations such as NEET-UG, and ensures data protection in the interest of examinees and to uphold the sanctity of public examinations.

Director, NEET-UG.
(Statement issued by CBSE)

On July 20, Gandhi had written to the CBSE Chairperson Anita Karwal urging the body to “put in place additional safeguards to prevent the recurrence of such data breaches” after multiple reports emerged showing that personal data of 200,000 NEET 2018 candidates was up for sale on neetdata.com. “I am shocked by this wide-scale theft of personal data that has compromised the privacy of candidates across the country. This highlights the serious lack of safeguards to prevent the data breach and calls into question the ability of the CBSE to ensure the sanctity of the examination process,” Gandhi wrote. The NEET is a annual countrywide exam for entrances into government and private medical colleges convened by the CBSE. This year, 1.3 million students appeared for the exam; the data leak contained personal information of upto 200,000 of those candidates.

Personal and academic data of millions of Indian students is up for sale online

Last week, it emerged that a website run by an individual was leaking the exhaustive personal data of 200,000 NEET 2018 candidates; the portal was selling this data to coaching institutions and private colleges alike, who would evidently use the data to advertise their own institutions to these candidates. As reported by MediaNama, the portal was just one among more than 50 such portals which was leaking personal and academic data of students across the country and had put them up for sale. More than 50 websites run by a single person are leaking expansive and exhaustive data containing personal information of students including name, phone number, email address, college name, academic qualification, year of passing or year student is currently in and so on. The students in question are from engineering colleges, medical schools, fashion institutes, business schools and even 12th graders. The domains are a treasure trove of personal data for advertisers who want to market their institutions and coaching classes to aspiring students.

MediaNama’s take

The CBSE has failed to identify that encrypted data can be decrypted, and then uploaded and accessed by any and all parties. Even though the CBSE says it was not the source of the leak, it remains a fact that data of millions of candidates who have appeared for exams convened by the CBSE — 12th standard board exams, NEET, JEE, among others — is still out there and up for sale (On one portal, data of 3.7 million students who appeared for 12th standard board exams is leaked.) If nothing else, as a central government education board, the CBSE has a duty to issues warnings to students and parents (especially when the students can be minors) about the risks of such data being out in the open.

You May Also Like


Large troves of personal and sensitive data belonging to investors on crypto-currency exchange BuyUCoin has been leaked on the dark web. The data leak...


As businesses and individuals moved online, cyber criminals and fraudsters were able to hone in their skills and target a wider range of people...


Sensitive card data belonging millions of Indians has been compromised and leaked on the dark web due to a security comprise at a server...


Sensitive details belonging to 7 million debit and credit cardholders are available on a public Google Drive document that has been circulating on the...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ