How Hackers Breached JAMB CBT Centres

In what has become one of the most alarming educational scandals in recent times, investigations have uncovered how some operators of accredited Computer-Based Test (CBT) centres in Nigeria have actively participated in large-scale examination malpractice during the 2025 Unified Tertiary Matriculation Examination (UTME), conducted by the Joint Admissions and Matriculation Board (JAMB).

The Saturday PUNCH report revealed a troubling alliance between CBT centre operators and tech-savvy individuals. These insiders allegedly provided confidential technical information, such as Internet Protocol (IP) addresses, to hackers who then manipulated the examination process from behind the scenes. The revelations have sent shockwaves across the country and raised critical questions about the credibility of Nigeria’s tertiary admissions system.

In May 2025, JAMB experienced a major setback when technical glitches disrupted the UTME for thousands of candidates. Out of the 1.9 million students who took the test, 1.5 million scored below 200 out of the possible 400 marks. This widespread failure triggered national outrage. In a public display of emotion, the JAMB Registrar, Professor Is-haq Oloyede, broke down in tears on May 14 as he admitted that system failures had unfairly impacted some candidates’ scores.

Authorities swung into action soon after. Security agents from the Department of State Services and the Nigeria Police Force arrested at least 20 individuals in Abuja on charges related to server breaches and exam fraud. By June, JAMB had also issued a warning that some candidates were using Artificial Intelligence to impersonate others and were even falsely claiming medical conditions such as albinism in order to cheat.

The scale of malpractice became clearer in July when data presented during JAMB’s annual policy meeting revealed that certain states had become hotspots for fraud. Imo and Anambra states, in particular, were flagged as major offenders. Nineteen CBT centres across the country were found to have engaged in “finger-pairing” malpractice. Anambra alone accounted for six of these centres, while Imo had four. Other states on the list included Abia, Edo, Kano, Ebonyi, Delta, Kaduna, Rivers, and Enugu.

By August, JAMB announced that over 6,000 candidates were under investigation for various forms of tech-enabled cheating. The board created a 23-member Special Committee on Examination Infraction to probe these issues thoroughly.

Much of the blame is now being directed at so-called “miracle centres,” which promise guaranteed success to desperate candidates. These centres, it turns out, are often the breeding grounds for coordinated malpractice involving CBT operators and hired hackers.

A man identified only as Ahmed, a self-confessed hacker with a decade of experience in exam manipulation, explained how the scam works. According to him, some CBT centre operators willingly share their IP addresses with external hackers. This allows remote access to the examination servers. Once they are in, they deploy mercenaries to write the exams on behalf of candidates who are physically present at the test centre.

Ahmed described a typical strategy: candidates are told to log in and begin the exam normally. After a few minutes, they are deliberately logged out under the pretense of a technical glitch. During this time, the mercenaries remotely access the system, answer the questions, and submit the test. When the candidate is allowed to log back in, the exam is already completed. All they need to do is click “Submit,” and their fraudulent success is sealed.

Ahmed insisted that the only real requirement to pull this off was the CBT centre’s IP address and some basic codes. This method bypasses biometric verification since the original candidate is still present in the test centre, only not taking the exam themselves.

Backing Ahmed’s claims, an educational consultant based in Badagry confirmed that compromised CBT operators are key enablers. He revealed that some centre owners are paid millions of naira to provide access to their systems. Parents of the candidates often foot these bills in the hope of securing their children’s university admissions.

Another CBT operator in Lagos, who admitted involvement in the malpractice, disclosed that many centre owners knowingly allow their servers to be breached. These fraudulent activities are profitable, and in some cases, even JAMB officials allegedly offer silent support, acting as “backbones” for these criminal operations.

Despite these damning allegations, JAMB’s spokesperson, Fabian Benjamin, denied the possibility of hacking the board’s systems. He explained that JAMB questions are not hosted online and are transmitted through a local network that is not internet-enabled. According to him, the breaches occurred at local centres, not the main JAMB system. He insisted that only a candidate’s biometric data could unlock exam questions, and JAMB’s internal network was secure.

Austin Ohaekelem, the national president of the Computer Based Test Centre Proprietors Association of Nigeria, defended genuine CBT centres. He acknowledged the presence of fraud but argued that not every glitch or issue should be interpreted as deliberate malpractice. For instance, he cited a situation where network failure during candidate registration led to mismatched data due to an honest mistake.

He emphasized that technical problems such as fingerprint scanner errors or data submission failures are sometimes misinterpreted as intentional fraud, leading to the unfair blacklisting of innocent centres.

In Oyo State, Ogundokun Olufunso, the secretary of the Association of Tutorial School Operators, raised another concern. According to him, many students now work hand in hand with tech engineers to manipulate biometric data. He admitted that some innocent students also suffer due to system errors that prevent their verification, which in turn unfairly brands them as fraudsters.

Olufunso called for stronger checks and transparency in how JAMB handles such sensitive matters. He also said that most tutorial centres had distanced themselves from miracle centre activities due to the growing risks involved. In his words, no amount of money should be worth risking a career and freedom.

Similarly, Emehinola Omodara, Director of Toppers Coaching Centre in Ogun State, advised JAMB to stop shifting blame and instead conduct a full internal review to identify and close loopholes in their system. He noted that unless JAMB takes its own audit seriously, miracle centres will continue to exploit the weak points in the system.

Taiwo Folorunsho, founder of Campusinfo Consult Limited, echoed this sentiment. He stressed the need for JAMB to completely upgrade its technology and strengthen its operational processes to stay ahead of sophisticated cheating methods.

This scandal, involving students, CBT centre operators, hackers, and possibly insiders within JAMB, paints a worrying picture. While JAMB maintains that its systems are secure, the reality on the ground shows a highly compromised process that demands urgent reform.