Dubai Teenager Rylen Anil Identifies Cloud Flaw Exposing NEET and JEE Data

Rylen Anil, a 16-year-old student based in Dubai, identified a critical cloud security misconfiguration exposing the personal data of millions of candidates for India’s NEET and JEE examinations. The vulnerability allowed unauthorized access to sensitive documents stored on public-facing servers. Misconfigured Cloud Storage Exposed The security flaw involved improperly secured Amazon Web Services (AWS) S3 buckets. These cloud storage containers held a vast repository of candidate information, including National Eligibility cum Entrance Test (NEET) and Joint Entrance Examination (JEE) application forms, government-issued identity documents, and academic records. Reports indicate the misconfiguration left private directories open to the public without requiring authentication. Anil discovered the vulnerability while conducting independent cybersecurity research. By identifying the exposed S3 buckets, the teenager revealed that the personal data of millions of students was vulnerable to exploitation. Security analysts noted that such data could be utilized by threat actors for identity theft, targeted phishing campaigns, or sale on dark web forums. Reporting and Remediation…