Education Ministry rejects JEE Advanced data breach claims, says candidate data remains secure

The Union Ministry of Education on Friday (June 5) refuted claims of a large-scale data breach and violation of privacy of candidates who appeared for the JEE (Advanced) examination. Dubbing the claims “misleading and factually incorrect reports”, the Ministry referred to IIT Roorkee’s rebuttal earlier in the day, stating that no sensitive information was compromised.

Ministry rejects data breach claims

“There have been several misleading and factually incorrect reports regarding data breach and privacy violations with respect to students who took JEE (Advanced) examination,” stated the Education Ministry in a post on X.

“As per the clarification issued by @iitroorkee the Ministry reiterates that no sensitive information was compromised, and the examination outcomes, marks, and candidate information remain completely secure, intact, and safe. @PIB_India @airnewsalerts,” it added.

IIT Roorkee’s rebuttal

Earlier in the day, IIT Roorkee stated that, contrary to the “misleading and factually incorrect” claims, no data breach or mass extraction of data has taken place. It further stated that the claims doing the rounds on social media do not align with facts, adding that there was an attempt to deliberately spread misinformation. IIT Roorkee conducted the examination.

"Claims of a data breach and privacy violation affecting lakhs of JEE (Advanced) aspirants are misleading and factually incorrect. The information circulating on social media is misleading and does not accurately reflect what happened. There is an attempt at spreading misinformation, which is far from the truth," IIT Roorkee said in a series of posts on X.

"The affected storage was read-only, meaning no data could be edited or deleted. An analysis of cloud access logs confirmed that no bulk download occurred (the read-only access was limited to less than 0.05 per cent of the data)," it added.

‘No sensitive information compromised’

It stated that “no sensitive information was compromised or mass-extracted”, adding that the incident had “zero impact on examination outcomes, including marks, ranks, and category of the candidates”.

Also Read: After NTA portal, teen flags issues with JEE Advanced results site; IIT Roorkee responds

The clarification came after a teenage cybersecurity researcher alleged that a publicly accessible cloud storage endpoint linked to the JEE (Advanced) results portal could be reached without authentication, potentially exposing candidate information.

What IIT Roorkee said earlier

Earlier, IIT Roorkee had acknowledged a configuration-related issue involving a cloud storage component connected to the examination portal and stated that corrective measures were initiated immediately. The institute maintained that the affected data remained in read-only mode throughout, ruling out any possibility of alteration or tampering with records.

Also Read: Another Gen Z hacker now claims data security flaw on NTA re-exam portal

According to IIT Roorkee, the issue emerged following urgent technical changes implemented on June 2 to assist candidates who were facing difficulties accessing admit card details and to ensure the smooth completion of registration-related processes.

Misconfiguration disclosed

The institute said the measures resulted in a “minimal, temporary misconfiguration” within the cloud storage system. It further stated that the issue was detected and responsibly disclosed by ethical hacker Rylen Anil.

Also Read: CBSE OSM row: Whistleblower Sarthak shares how he dug up tender flaws | Exclusive

"An ethical hacker, Mr Rylen Anil, identified this misconfiguration and reported that he could access the concerned database. The issue was immediately rectified, and access to the data was restricted," the institute said.

The backdrop

Meanwhile, the National Testing Agency (NTA) said CUET-UG 2026 witnessed delays at certain examination centres owing to a technical problem. The agency attributed the disruption to systems operated by Tata Consultancy Services (TCS).

Also Read: CBSE breaks silence on OSM fiasco: ‘Monitoring security issues’

The incident comes weeks after NEET-UG 2026 was cancelled following allegations of paper leaks and examination irregularities. The Ministry of Education subsequently ordered a CBI investigation and announced a re-examination for more than 22 lakh candidates on June 21.