Connect with us

NEWS

ECINET Foils 68 Lakh Hack Attempts on India Counting-Day Portal

Published

on

6.8 million. That’s how many malicious hits the Election Commission of India says its servers swatted away on May 4, the day votes were tallied for assembly elections in Tamil Nadu, West Bengal, Kerala, Assam and Puducherry. The poll body went public with the figure on Wednesday. None of the attempts breached the results portal or the ECINET platform underneath it.

The statement, issued from Nirvachan Sadan in New Delhi, said attacks came from within the country and from overseas. It credited the layered cybersecurity protocols built into the ECINET unified portal for blocking every probe. The platform now stitches together more than 40 of the commission’s apps and websites for voters, candidates and polling officials.

Counting Day Turned Into A Cyber Stress Test

The 68 lakh figure landed two days after counting concluded. ECI said the attempts were “effectively countered” by ECINET’s defences, the only verbatim phrase the commission released about the incident response. The agency did not name a specific threat actor, country of origin, or attack method.

Targets included the public dashboard at the live trends and results page, which carried the running count for the four states and Puducherry. Real-time portals are catnip for hostile actors during a tally. Even a brief defacement or a believable fake number screenshot can move political narratives faster than the commission can correct them.

No portal went down on May 4. No fake totals appeared anywhere on the dashboard. The vote count in all five jurisdictions was published on the schedule the commission had advertised three weeks earlier.

Counting Day Traffic Crossed Three Crore Hits A Minute

The malicious hit count is dwarfed by the legitimate one. ECINET registered an average of three crore hits per minute on counting day, the kind of load Indian e-commerce platforms usually see only during an annual sale event. On the three poll days of April 9, 23 and 29, the platform clocked over 98.3 crore hits combined.

That puts the attack volume in proportion. Around 68 lakh hostile hits sit inside a sea of roughly 180 crore total hits over four high-traffic days. The defensive layer had to filter at speed, not just at scale.

  • 3 crore hits per minute — average ECINET traffic on counting day, May 4, 2026.
  • 98.3 crore hits — combined load across the three poll days in April 2026.
  • 10 crore downloads — the ECINET app’s running install base since its January 2026 launch.
  • 3.2 lakh QR codes — generated for counting-staff identity verification on May 4.

The growth curve is the second-most-cited number inside the commission. ECINET’s January launch put the app at zero installs. Four months later it sits at 10 crore. That’s a faster onboarding than most Indian fintech apps recorded in their first year.

Each of those hundred million users tapped through to one of the 40-plus services bundled inside ECINET. Voter list searches. Polling station lookups. Candidate affidavit downloads. Live results.

The pressure that creates is one of the reasons cybersecurity teams worry less about pure denial-of-service floods and more about credential abuse and content-injection probes. A breach that flips a single state’s tally line for sixty seconds is more dangerous than a five-minute outage.

From Bihar Beta To A Forty-App Backbone

ECINET ran first in beta during the Bihar assembly elections in November 2025. The May 4 deployment was the first time the unified platform served a five-state counting day from a single technical stack.

  1. November 2025 — ECINET beta deployed for the Bihar assembly elections.
  2. January 2026 — official launch as a unified portal consolidating 40-plus ECI apps.
  3. April 9, 23 and 29, 2026 — three polling-day load tests across five states; 98.3 crore hits.
  4. May 4, 2026 — counting day; three crore hits per minute and 68 lakh blocked attacks.

The phased rollout is visible in the architecture. The commission’s older standalone services for voter registration, polling-station lookup and live results were knitted into one identity layer behind ECINET. That gave the cybersecurity team a single perimeter to defend instead of a sprawl of legacy URLs. The ECI’s own ECINET updates log tracks each service that has been folded in since January.

Why A QR Code Replaced The Old Counting-Centre Pass

Physical security got a digital upgrade on May 4 too. For the first time in any Indian general or state election, every counting hall used a QR-code-based photo identity card system to gate entry. ECINET generated 3.2 lakh of these codes on counting day across all states and Union Territories.

The old system relied on printed badges that had been cloned, swapped or photographed in past cycles. The QR pass binds a counting agent’s face, role and assigned hall to a record on ECINET that polling officers verify against a phone scanner at the door.

Layer Old System May 4, 2026 System
Identity Printed photo badge QR code linked to ECINET record
Verification Visual check by guard Live phone scan against database
Reissue if lost Manual reprint Revoke and regenerate in app
Audit trail Paper logbook Timestamped server record

The choice to roll out the QR system across all five jurisdictions at once, rather than piloting it in a single state, was a deliberate signal. The commission wanted a uniform record of who walked into which counting room, with timestamps that would survive a future challenge in court.

Where The 68 Lakh Hits Likely Came From

The ECI did not attribute the attacks. But the pattern matches the playbook seen against electoral infrastructure in the United States, Brazil and the Philippines: a mix of opportunistic scanners, hacktivist groups and small persistent probes from state-aligned actors testing for soft spots.

India’s broader cyber posture has tightened in the same window. The country’s markets regulator named a frontier AI model in its cyber-suraksha task force circular on May 5, the day after the counting-day attack wave, signalling how seriously regulators are treating AI-assisted threats against critical Indian platforms.

The Election Commission’s Wednesday release is plain about what was at stake. The agency framed the 68 lakh figure as evidence that the layered defence model worked, with no breach, no defacement and no leak from any of the 40-plus services riding on the ECINET stack.

From Voter registration to Election results, everything is on ECINet. A single portal for 40-plus apps and websites for the electors and stakeholders.

That line, posted by the commission’s verified handle on X, captures the trade-off the new architecture forces. Concentration creates a single hardened target instead of forty soft ones. Concentration also means the consequences of a successful breach would be harder to contain.

https://x.com/ECISVEEP/status/1998287889021767731

That’s why the post-mortem inside Nirvachan Sadan over the next four weeks matters more than the headline number. Every blocked probe leaves a fingerprint on the logs. Those logs will shape how ECINET hardens before the next big test, the 2027 state-election calendar that includes Uttar Pradesh and Punjab.

Frequently Asked Questions

Were Any Election Results Actually Changed By The Hacking Attempts?

No. The ECI says every one of the 68 lakh malicious hits on May 4 was blocked before it reached the data layer. The vote totals published for Tamil Nadu, West Bengal, Kerala, Assam and Puducherry were generated from the same Returning Officer feeds the commission has used for decades. If you see a screenshot online claiming a different number, cross-check it against results.eci.gov.in before sharing.

Is The ECINET App Safe For Me To Use After This Incident?

Yes, based on what the commission has disclosed so far. The attacks targeted public-facing portals, not user devices, and no credential leak has been announced. Keep the app updated through the Play Store or App Store rather than third-party APK sites, since most ECINET impersonation attempts ride through unofficial download links and side-loaded packages with similar icons.

How Do I Report A Suspicious Site Pretending To Show ECI Results?

Forward the URL to the commission via the official ECINET portal at ecinet.eci.gov.in or call the 1950 voter helpline. Include a screenshot, the time you saw the page and the source where you encountered it. The ECI’s IT cell logs every reported impersonation site and feeds confirmed cases to CERT-In for takedown coordination.

Will The QR Code Counting-Centre System Be Used In Future Elections?

Yes. The commission has signalled that the QR-based photo identity card will become the template for all future polls, including the 2027 state assembly cycle and the next general election. The 3.2 lakh codes generated on May 4 across five jurisdictions are the first national dataset, with tighter biometric integration expected at counting halls in subsequent rollouts.

The headline number is 68 lakh. The number that matters more is zero, the count of breaches the ECI has reported. ECINET kept the lights on, the totals clean and the May 4 result certified, which is the quiet test every electoral commission anywhere actually has to pass.

Logan Pierce is a writer and web publisher with over seven years of experience covering consumer technology. He has published work on independent tech blogs and freelance bylines covering Android devices, privacy focused software, and budget gadgets. Logan founded Oton Technology to publish clear, no nonsense tech news and reviews based on real hands on testing. He has personally tested and reviewed dozens of mid range and budget Android phones, written extensively about app privacy, and built and managed multiple WordPress publications over the past decade. Logan holds a bachelor's degree in English and studied digital marketing at a certificate level.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending