Some Computer-Based Test (CBT) centres accredited by the Joint Admissions and Matriculation Board (JAMB) have been linked to widespread exam malpractice during the most recent Unified Tertiary Matriculation Examination (UTME).

Findings show that certain CBT centre operators provided sensitive technical details to hackers, enabling them to infiltrate servers and interfere with the examination process.

JAMB encountered significant technical issues during the May 2025 UTME, with over 1.5 million of the 1.9 million candidates scoring below 200 out of 400—an outcome that sparked widespread criticism. On May 14, the JAMB Registrar, Prof. Is-haq Oloyede, broke down emotionally while addressing the situation, acknowledging that technical glitches affected many candidates' results.

At least 20 individuals were arrested in Abuja by security operatives for allegedly hacking into CBT centre systems. In June, JAMB further raised concerns about candidates using Artificial Intelligence for impersonation and falsely claiming disabilities such as albinism to gain undue advantage.

By July, data presented during the 2025 policy meeting revealed that CBT centres in Imo and Anambra states led in cases of biometric manipulation, specifically "finger-pairing."

A total of 19 centres across the country were implicated: Anambra (6), Imo (4), Abia (1), Edo (1), Kano (2), and one each in Ebonyi, Delta, Kaduna, Rivers, and Enugu.

In August, JAMB announced it was investigating 6,458 candidates for suspected use of tech-enabled cheating during the UTME. A 23-member Special Committee on Examination Infraction was set up to probe the matter and submit a report within three weeks.

Sources familiar with the situation indicated that operators of so-called “miracle centres” — establishments known for guaranteeing success to candidates — were partly responsible for the technical failures that occurred during the examination.

A hacker, who identified himself simply as Ahmed and claimed to have been in the business for a decade, said some CBT centre operators were deeply involved in aiding malpractice. He disclosed that these operators willingly shared their Internet Protocol (IP) addresses with hackers, enabling them to gain unauthorized access to the servers and examination materials. He further explained that mercenaries were then hired to write exams on behalf of candidates.

An IP address is a unique string of numbers that identifies each device on a network using Internet Protocol for communication.

Ahmed stated, “Some centres release their IP addresses to hackers, which makes it possible to access login details and exam questions. It’s practically impossible to monitor all IP addresses in Nigeria.”

He noted that while candidates are physically present at the centres, mercenaries working remotely use this access to take the test for them. “We instruct candidates to stay calm when their system logs them out. During that period, we take control, answer the questions, and by the time they’re logged back in, all they need to do is submit,” he said.

He added that the process simply requires inserting specific numeric codes once the IP address is obtained, granting full access to the local CBT centre server.

An education consultant based in Badagry, Lagos, confirmed Ahmed’s revelations. According to him, the breaches were only possible through internal collaboration with CBT centre staff who disclosed IP addresses for financial gain.

“These insiders receive millions of naira from parents who are willing to pay anything for their children's success. Once we gain server access, the exams are handled entirely by our team,” he said.

A CBT centre operator in Lagos also confirmed the involvement of some centre owners in the malpractice. He revealed that while operators are aware their servers are being compromised, they turn a blind eye due to the large sums of money involved.

“Mercenaries pay the centres handsomely. Some centre owners even have allies within JAMB who protect them. The notion that JAMB’s systems are foolproof is not entirely accurate. Some students still benefit from insider help and technical backdoors,” he said.

He further claimed that not all hackers require internal support, as some are skilled enough to access centre databases directly.

In response, JAMB’s spokesperson, Fabian Benjamin, dismissed claims that the board’s official website had ever been hacked. He clarified that the UTME system operates offline through a Local Area Network (LAN) and does not rely on the Internet, making it difficult for external actors to interfere.

“Our systems are not Internet-based. No examination questions are hosted online. Questions are transmitted securely to centres using a method similar to text messaging, and only a candidate’s biometric data grants access,” he said.

He emphasized that what some refer to as “hacking” is actually unauthorized access to local CBT centre servers, often facilitated by the centre owners themselves.

Similarly, the National President of the Computer-Based Test Centre Proprietors Association of Nigeria, Austin Ohaekelem, praised JAMB’s efforts to curb examination malpractice but clarified that not all CBT centres are involved in such fraud.