CBSE says, “As of 4 June 2026, a total of 70,433 successful applications have been received through the CBSE post-result grievance redressal process, including 7,314 applications for Verification of Marks and 63,119 applications for re-evaluation. Despite a malicious…

— ANI (@ANI) June 5, 2026

“Despite a malicious Denial-of-Service (DoS) attack involving nearly 3.8 million packets on 3 June 2026, the portal remained protected and operational due to timely intervention by technical teams,” the board said.

The disclosure sheds new light on the security infrastructure underpinning the portal, which has been at the centre of intense scrutiny following reports of payment gateway vulnerabilities and system disruptions in recent days.

Read | CBSE OSM Row: CBSE delayed re-evaluation login after experts flagged gaps

According to CBSE, the portal did not go live until an extensive pre-launch security audit had been completed. “Prior to launch, the CBSE verification and re-evaluation portal underwent an emergency security hardening and validation exercise, including penetration testing, vulnerability assessment, and load/stress testing with specialised cybersecurity support,” the board said.

The system was further reinforced with Web Application Firewall (WAF) protection, DDoS mitigation tools, secure authentication controls, audit logging and continuous monitoring before it was activated at approximately 4:30 am on June 2, 2026 — only after all security checks had been cleared.

The precautions proved prescient. Within just two minutes of the portal going live, it recorded approximately 1.5 million access requests. Alongside this surge, the system detected and blocked over 1,00,000 unauthorised access attempts. “The traffic profile showed coordinated high-volume request bursts consistent with DDoS-type patterns, which were successfully mitigated by the deployed security architecture,” CBSE said.

The board’s statement comes against the backdrop of a turbulent few weeks for its digital infrastructure. The revaluation portal had earlier faced criticism after a payment gateway hack — linked to the HDFC payment system — caused erratic fee displays for around 50 students, with amounts fluctuating between Re 1 and nearly Rs 68,000.

Following that incident, the government had roped in cybersecurity experts from IIT Madras and IIT Kanpur, integrated four public sector banks as additional payment gateways, and migrated the system to Amazon Web Services.