CBSE Revaluation Portal Hit by Cyberattack, 50 Students Exploit Payment System
The Central Board of Secondary Education (CBSE) recently faced a cyberattack targeting its revaluation portal’s payment system, allowing around 50 students to gain unauthorized access. The breach, reported by government sources, disrupted the portal’s payment gateway integrated with HDFC Bank causing erratic fee displays, with amounts fluctuating between ₹1 and ₹67,000–68,000.
Officials confirmed the manipulation of payment-related data, though the intent whether a prank or malicious remains unclear. The issue surfaced shortly after the portal’s launch, leading to operational disruptions during the revaluation application process.
In response, CBSE has expanded its payment infrastructure by partnering with four public sector banks: State Bank of India, Canara Bank, Indian Bank, and Bank of Maharashtra. Technical teams from IIT Madras, IIT Kanpur, and the Digital Infrastructure Corporation of India are reviewing the system to bolster security.
To address capacity constraints, the portal has been migrated to Amazon Web Services (AWS) for improved stability. The upgraded system has since been synced and tested, with oversight from Education Minister Dharmendra Pradhan and Finance Minister Nirmala Sitharaman to ensure seamless functionality.
HDFC BANK LTD cybersecurity rating report: https://www.rankiteo.com/company/hdfc-bank-ltd
"id": "HDF1780122285",
"linkid": "hdfc-bank-ltd",
"type": "Cyber Attack",
"date": "5/2026",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Students applying for '
'revaluation',
'industry': 'Education',
'location': 'India',
'name': 'Central Board of Secondary Education (CBSE)',
'type': 'Government Education Board'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'sensitivity_of_data': 'High (payment information)',
'type_of_data_compromised': 'Payment-related data'},
'description': 'The Central Board of Secondary Education (CBSE) faced a '
'cyberattack targeting its revaluation portal’s payment '
'system, allowing around 50 students to gain unauthorized '
'access. The breach disrupted the portal’s payment gateway '
'integrated with HDFC Bank, causing erratic fee displays with '
'amounts fluctuating between ₹1 and ₹67,000–68,000. The '
'manipulation of payment-related data occurred, though the '
'intent remains unclear.',
'impact': {'data_compromised': 'Payment-related data',
'downtime': 'Operational disruptions during revaluation '
'application process',
'operational_impact': 'Disrupted revaluation application process',
'payment_information_risk': 'High',
'systems_affected': 'Revaluation portal payment gateway'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Expansion of payment '
'infrastructure, migration '
'to AWS, system review by '
'technical teams'},
'references': [{'source': 'Government sources'}],
'response': {'containment_measures': 'Migration to AWS for improved '
'stability, expansion of payment '
'infrastructure to four public sector '
'banks',
'recovery_measures': 'Portal migrated to Amazon Web Services '
'(AWS)',
'remediation_measures': 'System review and security bolstering, '
'syncing and testing of upgraded system',
'third_party_assistance': 'Technical teams from IIT Madras, IIT '
'Kanpur, and the Digital '
'Infrastructure Corporation of India'},
'stakeholder_advisories': 'Oversight from Education Minister Dharmendra '
'Pradhan and Finance Minister Nirmala Sitharaman',
'threat_actor': '50 students',
'title': 'CBSE Revaluation Portal Hit by Cyberattack, 50 Students Exploit '
'Payment System',
'type': 'Payment System Exploitation',
'vulnerability_exploited': 'Payment gateway manipulation'}