From ‘tender manipulation’ to hacking claims: Inside the growing storm over CBSE’s digital evaluation

Congress leader Rahul Gandhi demanded an independent judicial probe on Friday as he accused CBSE of diluting the selection process to enable a particular company to secure the contract. 

At the centre of controversy is a Hyderabad-based educational technology company called Coempt EduTeck. The private firm was hired by the CBSE to provide the software infrastructure for its digital On-Screen Marking (OSM) evaluation system last year. 

The company was previously embroiled in controversies while operating as Globarena Technologies — including the 2019 Telangana Intermediate examination crisis that resulted in massive marking errors for nearly 300,000 students due to major software glitches. Multiple reports had linked nearly 20 student suicides to the company although there was no direct connection.

What did Rahul Gandhi say?

Leader of Opposition Rahul Gandhi has repeatedly accused CBSE of “manipulating its own selection process to benefit COEMPT” by using official documents. He cited a detailed blog post by 17-year-old Sarthak Sidhant on Saturday to mount a fresh attack against the examination board. 

“The details in his blog reveal how CBSE changed the RFP to unduly benefit COEMPT, at the cost of TCS. He has revealed the hollowness of Dharmendra Pradhan ji’s denials. The PM remains silent, as usual. The question is simple: who are they protecting, and why? An independent judicial inquiry is now essential to uncover the full extent of this scam,” Gandhi alleged via X.

What are the latest allegations?

The Class 12 student had accused CBSE of “systematically rewriting its rulebook” to favour the educational technology company. The post attached by Gandhi cited the timeline of tenders to accuse CBSE of repeatedly “changing rules until it accommodated COEMPT perfectly”. Siddhant alleged that the first tender was issued in February 2025 and “completely wiped’ from public portal archives. All four bidders (including TCS and COEMPT) allegedly failed technical checks after a second tender was issued in May 2025. The third tender was issued on August 28 last year and won by Coempt Eduteck.

“So how did CBSE ensure that Coempt won the third tender? They manipulated the entry barriers. In the old RfP there are multiple clauses that highlight disqualification based on poor performance. This RfP was cancelled. The new RfP has no terms of poor performance. Wiped out,” Sidhant alleged in the X thread shared by Gandhi.

He outlined multiple changes to the pre-qualifications criteria that had essentially paved the way for COEMPT. The post also flagged a corrigendum that was issued just before bid submission and “took away CBSE’s right to blacklist the firm”.

“CBSE called for OSM tenders thrice. Zero bids the first time. No qualified bidder the second time. And finally, the technical bar was lowered until COEMPT could clear it. Scanning resolution cut. Robotic scanner requirement dropped. CMMI certification lowered from Level 5 to Level 3. Penalties for errors in answer sheets removed,” Gandhi alleged on Friday.

He also said that Tata Consultancy Services had lost the contract to COEMPT despite qualifying in the third round. The Leader of Opposition said the edutech company had a poor track record and claimed teachers had also warned CBSE against implementing the OSM system nationwide without adequate preparation. 

Alleged changes that ‘helped’ Coempt Eduteck:

1. Disqualification criterion changed from “previously” to “currently” blacklisted — allowing ‘sanitisation’ after Globarena rebranded as Coempt Eduteck.
2. Mandatory annual average turnover of Rs 50 crore from exam services that disqualified some firms. Coempt cleared this threshold by a mere 1.7% with their ₹50.86 crore average.
3. Software standard reduced from CMMI Level 5 to Level 3. A report published days before bidding ended suggested that this matched Coempt’s specific certification. 
4. Post-retirement ban on hiring board officials cut from two years to one year.
5. Project criteria shifted from single large setups (five lakh or more students) to cumulative volume of answer booklets and fragmented university contracts.
6. Mandatory requirement for vendors to have their own data centres and disaster recovery centers dropped in favour of cloud platforms like AWS and Azure (which are used by COEMPT).
7. Proprietary software allowed instead of full source code access — accommodating Coempt’s ‘Onmark’ platform that uses Microsoft IIS.

CBSE rejects ‘manipulation’ charge

The Central Board of Secondary Education has already rejected the allegations — insisting that the claim was “erroneous, misleading and not based on facts”. In a recent social media post, CBSE insisted that it had scrupulously followed protocols while awarding the exam evaluation contract to Hyderabad-based Coempt Eduteck. 

“CBSE floated the RFP for Digital Evaluation of Answer books for Board Exams 2026 on the Central Public Procurement portal on 28.08.2025 and awarded the contract to the qualified bidder,” the official X handle told Gandhi..

Hacking claims and CBSE clarifications

Posts shared on X by a self-proclaimed hacker also suggested that they had successfully breached a live server used by CBSE for its on-screen marking system. Nineteen-year-old student and ethical hacker Nisarga Adhikary claimed he had gained extensive access — able to complete control to view, modify, or delete internal data and execute direct system commands. The , presenting a severe security risk to the examination system. He also shared a purported production URL (the live, public web address where an application or website is officially running for real users) that has since become inaccessible and shows an error message.

“At the outset, it is clarified that the Portal used for evaluation of answer-books bore a different URL, which has neither been compromised nor does it have the vulnerabilities indicated in the said social media post. The URL: http://cbse.onmark.co.in is the testing site only with sample data for internal testing and review purposes. There are no actual evaluation data, marks or other data held on that portal,” CBSE countered on Tuesday.

‘CBSE portal was hit by malicious attack, 50 children got into system’

Government sources told news agency PTI that around 50 students had gained unauthorised access to the CBSE portal earlier this week. The revelation came after abnormal fees were displayed for revaluation payment — with the amount fluctuating from Re 1 to nearly Rs 68,000 in some cases. 

The glitch was linked to the HDFC payment gateway integrated with the system and occurred when the portal went live. Officials suggested the portal had become non-functional for “quite sometime” after dozens of children “manipulated the system”. 

“There were some unauthorised attacks on the portal. The payment gateway was with respect to HDFC… about 50-odd children had got in. I think out of fun or out of mala fide intention, I think that one rupee was shown and then Rs 67-68,000. So, there were about 50 children in whose cases the amount had changed.,” a government source told PTI.