BREAKING
Big gift from CM Yogi to people of UP, now ₹1500 will come to your account every monthIPL Final broke all records, RCB vs Gujarat Titans match became the most watched match till dateAmerica’s mysterious ‘ghost’ city… where there are no humans, only ‘dangerous hackers’ liveArrogant, spoiled brat everything true but only on the field: Ravi Shastri on Virat KohliCM Dhami held a broom, gave such a message under the ‘Ek Ped Maa Ke Naam’ campaign that it was praised on social media.Ranveer Singh’s Dhurandhar accidentally made Ravi Kishan’s Bhojpuri film go viral – Here’s how‘Leave chemicals, adopt cow dung…’ CM Dhami made this emotional appeal to the farmers of Uttarakhand by plowing the fields himself.PM Modi’s statement on US-Iran peace agreement, said- India is committed to stability in West AsiaBecame a history-sheeter as soon as he took off his uniform… Who is Bareilly’s dismissed constable Surkesh? Big action by SSP Anurag Arya, clampdown on 11 others alsoPetrol diesel price today: New rates of petrol and diesel released amid 4% fall in crude oil, check the price in your city.
Bihar youth held in Gujarat for hacking NEET accounts, bid to divert refunds
National

Bihar youth held in Gujarat for hacking NEET accounts, bid to divert refunds

me.sumitji@gmail.com 15 Jun 2026 6 hours ago

Ahmedabad, June 15, 2026
The Ahmedabad Cyber Crime Branch has arrested a 19-year-old Bihar resident for allegedly gaining unauthorised access to NEET candidates’ portal accounts and attempting to divert refund payments into his own bank account by exploiting weak passwords and flaws in the password recovery system.

Bihar youth held in Gujarat for hacking NEET accounts, bid to divert refunds

The accused, identified as Navinkumar Yadav, a BSc graduate from Bhareti, Gaya district of Bihar, was arrested following an investigation conducted by the cybercrime branch in coordination with the National Testing Agency (NTA).

According to the complaint, the accused allegedly created a false identity using the complainant’s daughter’s details, obtained her NEET application number and password without authorisation and unlawfully accessed the NEET UG-2026 portal.

Police alleged that he entered another bank account’s details on the portal with the intention of receiving refund payments meant for candidates. The Cyber Crime Police Station registered a case under relevant provisions of the Bharatiya Nyaya Sanhita and the Information Technology Act.

Investigators said the case was detected through information provided by the NTA’s Chief Information Security Officer (CISO), technical analysis of bank account details and human intelligence inputs.

The CISO immediately shared digital footprint data generated through the portal’s security features, enabling police to identify the suspect, trace his location and arrest him in Bihar.

During a press conference, Joint Commissioner of Police (Crime) Sharad Singhal said the matter came to light after the government announced refunds of Rs 1,700 following the cancellation of the previous NEET examination.

“Cyber criminals exploited vulnerabilities in the password recovery system and targeted student accounts,” he said.

According to Singhal, each student had a login ID and password, but the “Forgot Password” process relied on security questions such as favourite colour and favourite sport.

He said the accused used software-assisted brute-force methods to repeatedly attempt combinations until access was obtained.

Police alleged that Navinkumar targeted approximately 350 NEET candidate accounts and successfully accessed around 150 of them because of weak passwords.

“He used applications to conduct brute-force attacks, cracked passwords, gained unauthorised access to accounts and then changed the passwords. After logging in, he allegedly replaced candidates’ bank account details with his own so that refund payments would be transferred to him instead,” officials told IANS.

Singhal added that more than 150 students had been affected and that the number could increase as the investigation progresses. “Authorities were working to identify where the money had gone and that relevant accounts had been frozen. Affected students would be refunded after the investigation,” he added.

The case also prompted changes to the security architecture of the NEET portal. Singhal said that two-factor authentication, which was previously unavailable on the relevant section of the portal, was being implemented by NTA to prevent unauthorised access through the exploitation of security questions.

NTA Director Akash Jain confirmed that additional security measures had been introduced following the investigation.

“Two-step authentication, OTP-based verification and Aadhaar-linked verification measures had been incorporated to strengthen the system,” Jain said.

Jain said the refund process had been introduced to ensure that students received money quickly after the examination cancellation and acknowledged that initial shortcomings may have existed.

“Lessons learned from the investigation have helped strengthen the portal’s security features,” he said.

The Cyber Crime Branch advised students and parents to use strong passwords containing uppercase and lowercase letters, numbers and special characters; avoid simple passwords such as names, dates of birth, mobile numbers or “123456”; and never share account details, passwords or OTPs.

Police also urged candidates to use only the official NTA and NEET websites for examination and refund-related processes. The investigation is continuing.(Agency)

Related News