Privacy is a Joke in this country - JEE Main Data Breach

Last night, NIC released the JEE Main city intimation link, where candidates could check their exam city and shift. However, everyone was shocked when someone discovered a serious vulnerability on their website. By simply editing the application number in the URL, anyone could access another Candidate's details, including their image. Initially, this might not seem like a big deal, but here’s where it gets worse when someone used Python to scrape data from the website, collecting the images, signatures, and even EXIF data of 4–5 lakh Students. Worse still, NIC/NTA didn’t even bother encrypting this sensitive information. With this data in hand, anyone could brute force a candidate’s date of birth to access their admit cards and results. This breach leaves the personal information of over 14–15 lakh students completely exposed to misuse. This level of negligence from NIC/NTA is shocking, especially when they are responsible for conducting exams of national importance. The safety and privacy of students’ data should be non-negotiable, yet this careless oversight puts everyone at risk. Immediate action needs to be taken to fix this and hold those responsible accountable. This is a wake-up call for better data security in our public systems. Images are attached below. **First post;** https://preview.redd.it/j1fetfx64dce1.jpg?width=969&format=pjpg&auto=webp&s=c42186b928f402f5cd4d7cb147d36896a1dc90db **Image from diff appno. through site** https://preview.redd.it/w095au9c4dce1.png?width=1648&format=png&auto=webp&s=63ba52fd99927b56d4bc8c64565403f2fd578689 **Scraped Images by many;** https://preview.redd.it/g97v2dag4dce1.png?width=1920&format=png&auto=webp&s=5ed5d869227500f67040fcaee1212632944f1c38 **some a\*\*hole even made a** web**site of it:** https://preview.redd.it/bnmzpcll4dce1.png?width=1080&format=png&auto=webp&s=bca4c8123ed42f3246df72a9a7b089ac6ae4f8b4 Lastly, Their Captcha system: https://preview.redd.it/j2zs14np4dce1.jpg?width=841&format=pjpg&auto=webp&s=a458edb960c6ad2bebfa289da6db042f2b0a4f81 It's a\*\* ... Anyone could bruteforce and steal information from it. Is this the country we live in, where people are selling Aadhaar card information on the dark web, NTA is handing out data to local colleges and recruiters. This isn’t a joke, it’s a serious issue that demands immediate attention. Everyone needs to be aware of what’s happening