A serious data security incident has emerged from the JEE-Advanced 2026 result portal after personal information of thousands of candidates was reportedly accessible online due to a technical configuration problem in cloud storage. IIT Roorkee has acknowledged the issue, stating that the exposed data was available only in read-only mode and could not be modified.
Cloud Configuration Glitch Flagged
IIT Roorkee confirmed that a configuration issue was detected in the cloud storage system connected to the result portal. The institute said corrective measures were initiated on priority after the problem was identified.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
The institute also stated that the data could not be altered, as it was available only in read-only mode. However, the exposure of sensitive candidate information has raised concerns about privacy safeguards in one of India’s most important academic examination systems.
Researcher Claims Large-Scale Exposure
The issue was first highlighted by Rininil Anil, a 16-year-old who identifies himself as a cybersecurity researcher. He claimed on social media that the cloud storage linked to the JEE-Advanced result portal was accessible without proper authentication.
According to his findings, nearly 179,600 result records and about 187,300 admit card PDF files were publicly accessible. The files reportedly contained candidates’ names, dates of birth, mobile numbers and other personal details.
IIT Roorkee appreciated the individual who flagged the vulnerability and described the disclosure as responsible action aimed at improving the system.
Calls Grow For Stronger Exam Data Security
The incident has renewed scrutiny of the digital infrastructure used for national-level examinations. Concerns have grown among students and parents over the scale of the exposure and the risks linked to sensitive academic data.
The breach has also intensified calls for stronger cybersecurity audits across examination bodies. Experts have stressed the need for better encryption, stricter authentication systems and regular third-party security assessments before such platforms go live.
IIT Roorkee has said a detailed technical investigation is underway and that steps are being taken to strengthen the system. The institute has maintained that protecting candidate data remains a priority and that measures will be taken to prevent similar incidents in the future.
