Coempt, the educational technology platform involved in the CBSE Open Schooling Module (OSM) controversy, has clarified that there was no software glitch in the system. The company attributed the security lapse to manual oversight during testing procedures.
No Software Glitch Involved
In a detailed statement, Coempt emphasized that the alleged vulnerability was not due to any flaw in their software. Instead, it was a result of human error in the testing environment. The platform stated that the incident occurred because of improper configuration during a test phase.
Ethical Hacker Accessed Test Server
Coempt also addressed the role of the 19-year-old ethical hacker who reportedly hacked into the system. The company confirmed that the hacker only managed to access a server used exclusively for testing purposes. This server, they stressed, is never utilized for any client operations or live data handling.
The company further explained that the test server was isolated from the main production environment. Therefore, no sensitive student data or exam-related information was compromised. Coempt reassured stakeholders that their core systems remain secure and unaffected.
Manual Oversight Identified
An internal investigation revealed that the breach occurred due to a manual oversight. A team member inadvertently left the test server accessible without proper authentication protocols. Coempt has since implemented additional training and tightened access controls to prevent such incidents in the future.
The CBSE OSM row had raised concerns about the security of online examination platforms. However, Coempt's clarification aims to allay fears by highlighting the isolated nature of the breach. The company remains committed to maintaining high security standards for all its clients.
