A Rajasthan mining engineer used AI chatbots to withdraw rival applications from the RPSC merit list after exploiting weak portal authentication. The case exposes how single-SSO ID verification leaves government recruitment portals vulnerable to internal attackers.
SailPoint, Inc. currently carries an Alpha Score of n/a, giving AlphaScala's model a neutral read on the setup.
A mining engineer in Rajasthan exploited security gaps in a government recruitment portal to manually delete competing applicants from the merit list, using AI chatbots to mask his digital trail. The case shows what happens when weak portal authentication meets an attacker who understands the system from the inside.
The accused, 27-year-old Rahul Kumar Meena, ranked second under the Scheduled Tribe (ST) category in the Assistant Mining Engineer exam conducted by the Rajasthan Public Service Commission (RPSC). To move up to the single vacancy, he withdrew the application of the first-ranked candidate, Ashish Meena, and then eliminated two more names from the fourth and fifth positions to avoid drawing attention to the first deletion, according to the Indian Express.
All three candidates received an SMS saying their applications had been withdrawn "as per their request." The SMS was alarming because the withdrawal window had closed long before. One of the affected candidates, Ravi, approached the police after receiving the message. RPSC Deputy Director and analyst-programmer Raghuveer Gurjar filed a complaint about tampering with the RPSC recruitment portal, Ajmer's Deputy SP (Cyber police station) Shamsher Khan told the publication.
Khan said the RPSC informed the Department of Information Technology and Communication (DoIT&C), which handles the portal. Investigators found that Meena created a fake Single Sign-On (SSO) ID to withdraw the three applications. SSO is a unique digital identity issued by the Rajasthan government to every registered citizen, business, and government employee.
Meena was traced through the IP address he used to create his login credentials. The IP address led to the Steel Authority of India Limited (SAIL) compound in Jharkhand, where Meena had worked since 2019 after earning a BTech in Mining Engineering from Banaras Hindu University. DSP Khan said investigators found that Meena habitually crawled websites in "inspection mode" during his free time and used AI chatbots including ChatGPT, Grok, and DeepSeek to attempt to change website coding.
In the end, he left enough digital trails to get caught. His devices were seized and sent to the Forensic Science Laboratory for analysis. He was remanded to police custody until June 25. The ST vacancy was eventually secured by the original first-ranked candidate, Ashish Meena.
The case is a reminder that portal security is only as good as the authentication layer protecting it. A single fake SSO ID allowed someone to withdraw applications without any secondary verification, and AI chatbots helped him probe for vulnerabilities without triggering manual review. The market take is indirect but real: government IT vendors and security consultancies with contracts to harden public-sector portals could see closer scrutiny of their authentication protocols, especially in states with large SSO-based systems.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.