Coempt gave CBSE cyber certificates that were expired, tied to other client
Coempt submitted outdated cybersecurity certificates to the Central Board of Secondary Education for its OSM platform, raising security concerns. The certificates were tied to a different client's deployment and were nearly two years old at the time of submission. Subsequent investigations revealed critical vulnerabilities in the platform that could allow unauthorized access to sensitive student data.
- ▪The cybersecurity certificates submitted by Coempt were outdated and covered a different client's deployment.
- ▪Critical vulnerabilities in the OSM platform were reported between February and May 2026, exposing student marks and answer scripts.
- ▪One researcher discovered a fundamental coding error that allowed unauthorized access to sensitive databases.
Opening excerpt (first ~120 words) tap to expand
Coempt gave CBSE cyber certificates that were expired, tied to other clientThe cybersecurity certificates submitted to CBSE for its OSM platform were outdated and covered a different client's deployment, raising questions on the platform's actual security.Published on: Jun 06, 2026 5:34 AM ISTBy Sanjay Maurya, Binayak Dasgupta, New DelhiShare viaCopy link The cybersecurity certificates the Central Board of Secondary Education accepted as proof that its controversial on-screen marking (OSM) platform was safe to process close to 10 million student answer scripts covered a different client’s deployment of the same software tested on a pre-production staging environment, and, in one case, was nearly two years old when submitted, a review of documents by HT has found.Coempt gave CBSE cyber…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Hindustan Times — Top.
Discussion
0 commentsMore from Hindustan Times — Top
