Description: The Hindu reported that vulnerabilities in the OnMark exam-marking portal used by India's Central Board of Secondary Education (CBSE) allegedly exposed sensitive student data, including answer-sheet images. Ethical hacker Nisarga Adhikary also alleged that COEMPT Eduteck quality-assurance scripts processed students' personal information through Google Gemini. CBSE said the vulnerabilities had been contained.
Editor Notes: Classified as an incident because the reporting alleges a specific student-data exposure and near-harm episode involving CBSE's OnMark evaluation ecosystem, and separately alleges that student personal information was processed through Google Gemini in vendor automation scripts. The record should not be read as establishing that Gemini caused the portal vulnerabilities or that student marks were altered.
Entities
View all entitiesAlleged: Google and Large language model developers developed an AI system deployed by COEMPT Eduteck , Central Board of Secondary Education and Government of India, which harmed Students , Minors , Educational communities , Privacy , Students in India , Minors in India and Central Board of Secondary Education students.
Alleged implicated AI systems: Gemini , OnMark On-Screen Marking portal , COEMPT automation scripts and Student answer-sheet databases
Incident Stats
Incident ID
1507
Report Count
1
Incident Date
2026-05-30
Editors
Daniel Atherton
Incident Reports
Reports Timeline
Loading...
After public posts by ethical hackers exposed vulnerabilities in the Central Board of Secondary Education's On-Screen Marking platform OnMark, the board on Sunday (May 31, 2026) stated that the identified vulnerabilities "have been containe…
Variants
A "variant" is an AI incident similar to a known case—it has the same causes, harms, and AI system. Instead of listing it separately, we group it under the first reported incident. Unlike other incidents, variants do not need to have been reported outside the AIID. Learn more from the research paper.
Seen something similar?
