3 days ago
1
Claims of a information breach and privateness usurpation affecting lakhs of JEE (Advanced) aspirants are "misleading and factually incorrect", the IIT-Roorkee said connected Friday (June 5, 2026), asserting that nary delicate accusation was compromised oregon mass-extracted pursuing a impermanent cloud-storage misconfiguration.
The Indian Institute of Technology (IIT), Roorkee, which conducted the exam this year, said the accusation circulating connected societal media "does not accurately bespeak what happened" and alleged an effort to dispersed misinformation.
The JEE (Advanced) is the gateway for admittance to undergraduate programmes successful the IITs and respective different premier engineering institutions crossed the country.
The Ministry of Education besides dismissed reports of a information breach and privateness violations involving JEE (Advanced) candidates arsenic "misleading and factually incorrect".
"There person been respective misleading and factually incorrect reports regarding information breach and privateness violations with respect to students who took JEE (Advanced) examination," the Ministry said successful a station connected X.
"As per the clarification issued by @iitroorkee the Ministry reiterates that nary delicate accusation was compromised, and the introspection outcomes, marks, and campaigner accusation stay wholly secure, intact, and safe," it added.
"Claims of a information breach and privateness usurpation affecting lakhs of JEE (Advanced) aspirants are misleading and factually incorrect. The accusation circulating connected societal media is misleading and does not accurately bespeak what happened. There is an effort astatine spreading misinformation, which is acold from the truth," the IIT-Roorkee said successful a bid of posts connected X.
According to the institute, definite method interventions were undertaken connected an expedited ground connected June 2 to assistance candidates facing difficulties successful accessing admit-card information and to guarantee the creaseless functioning of the registration process.
It further said these interventions resulted successful a "minimal, impermanent misconfiguration" successful a cloud-storage component, which was identified and reported by ethical hacker Rylen Anil.
"An ethical hacker, Mr Rylen Anil, identified this misconfiguration and reported that helium could entree the acrophobic database. The contented was instantly rectified, and entree to the information was restricted," the institute said.
The affected retention was "read only", meaning nary information could beryllium edited oregon deleted, the IIT-Roorkee said, adding that an investigation of cloud-access logs confirmed that nary bulk download had occurred.
"The affected retention was read-only, meaning nary information could beryllium edited oregon deleted. An investigation of unreality entree logs confirmed that nary bulk download occurred (the read-only entree was constricted to little than 0.05% of the data)," it said.
The institute further asserted that "no delicate accusation was compromised oregon mass-extracted" and that the incidental had "zero interaction connected introspection outcomes, including marks, ranks, and class of the candidates".
Reaffirming its committedness to the introspection process, the IIT-Roorkee said it remains afloat committed to maintaining the integrity, information and transparency of the JEE (Advanced) and Joint Seat Allocation Authority (JoSAA) counselling processes.
"Deliberate attempts to misrepresent this method lawsuit and undermine nationalist spot successful the introspection strategy are profoundly concerning and should beryllium discouraged," it added.
"The JEE (Advanced) squad looks guardant to supporting each aspirant done a creaseless and unafraid admittance process into IITs and IISc," it said.
Earlier, the IIT-Roorkee had confirmed that the JEE (Advanced) 2026 results portal faced a cloud-storage-configuration contented aft a teenager, who identifies himself arsenic a cybersecurity researcher, claimed that idiosyncratic and introspection details of lakhs of students were accessible without authorisation.
The effect from the IIT-Roorkee came aft the cybersecurity researcher, 16-year-old Rylen Anil, took to X, claiming that the nationalist unreality retention endpoint of the results portal was accessible without authentication, exposing bulk campaigner data.
On Tuesday (June 2, 2026), the institute said the information stored was successful the read-only mode, with nary anticipation of grounds alteration, and added that the contented was being addressed connected priority.
