The Central Board of Secondary Education (CBSE) reported that its Class 12 re-evaluation portal withstood a massive cyberattack on Tuesday [1].
The incident highlights the vulnerability of critical educational infrastructure during high-traffic periods. Because the portal manages the academic futures of thousands of students, any successful disruption could have delayed essential result verifications and caused widespread panic.
The attack occurred on June 2, 2026, the first day the portal went live for students seeking re-evaluation of their examination results [2]. According to the board, the system faced a denial-of-service attack that generated approximately 1.5 million hits in just two minutes [1].
Beyond the traffic surge, the board identified more than 100,000 unauthorized attempts to access files within the system [3]. Despite these efforts to crash the site or breach its data, the portal remained operational throughout the event [1].
The board said the system managed to handle about 8,000 concurrent users during the peak of the interference [4]. This stability allowed the process to continue, with approximately 16,000 students successfully submitting their applications for re-evaluation [2].
The CBSE portal was launched specifically to allow students to challenge their marks and request a verification of their scores. The barrage of hits appears to have been a coordinated attempt to disrupt this administrative process on its opening day [1].
“1.5 million hits in two minutes”
The scale of this attack—specifically the volume of hits in a two-minute window—suggests a sophisticated denial-of-service attempt rather than a organic surge of student traffic. The fact that the CBSE portal remained online indicates that the board's current cybersecurity mitigations were sufficient to handle a high-volume volumetric attack, though the 100,000 unauthorized file-access attempts show a simultaneous effort to probe for data vulnerabilities.
