Bihar teen hacks into NEET portal, diverts refunds of 150 aspirants to own account

A 19-year-old man from Bihar has been arrested in Ahmedabad for allegedly diverting refund amounts meant for around 150 NEET aspirants into his own bank account by unlawfully accessing their accounts on the NEET portal, police said.

The accused, identified as Naveen Yadav, a resident of Gaya district in Bihar, allegedly exploited security vulnerabilities and weak passwords to gain unauthorised access to the accounts of NEET-UG candidates. According to Ahmedabad Police, he changed the bank account details linked to students' profiles, causing refund amounts of Rs 1,700 per student to be credited to his own account instead.

The incident comes amid heightened scrutiny of the NEET examination process amid the controversy over the alleged paper leak, as well as concerns over security vulnerabilities and technical glitches associated with the pre-medical entrance examination.

The case came to light after the Ahmedabad Cyber Crime Branch received a complaint regarding fraudulent refund transactions processed through the NEET-UG portal. Investigators found that an unauthorised individual had accessed student accounts and altered banking details to siphon off the refund money.

According to officials, the accused targeted more than 350 students who had registered for the NEET examination and successfully gained access to around 150 accounts. Police said he allegedly used brute-force attacks -- a trial-and-error method used to crack passwords, encryption keys, or PINs -- to break into accounts by exploiting weak credentials and security loopholes in the portal.

After gaining access, the accused allegedly replaced the students' registered bank account details with his own. As a result, refund amounts intended for the candidates were transferred to his account, Joint Commissioner of Police (Crime) Sharad Singhal said.

During the investigation, the Cyber Crime Branch sought details from the National Testing Agency (NTA) regarding the bank accounts that had received the refund payments. The information helped investigators trace the money trail and identify the accused, leading to his arrest in Bihar, the officer said.

Officials said the diverted funds were linked to refunds due to NEET 2026 candidates. Following the breach, the NTA strengthened the security features of the NEET portal, including improvements to its authentication mechanisms.

Police noted that the portal previously lacked two-factor authentication, a vulnerability that has since been addressed to prevent similar incidents in the future. The investigation is ongoing, and officials are examining whether the accused was involved in other cyber fraud cases.

The NEET-UG examination for admission to medical courses was conducted on May 3 this year but was cancelled by the NTA on May 12 following allegations of a paper leak.

The re-examination is scheduled to be held on June 21. The CBI, which has taken over the investigation into the alleged paper leak, has so far arrested 13 people in connection with the case.

- Ends