India Nuclear Plant Data Breach: Blueprints, Supplier Details Exposed
At a glance
- Indian authorities are investigating a reported cybersecurity incident after a ransomware group claimed to have released thousands of files allegedly connected to the…
- The cybercriminal group, known as World Leaks, stated it has published over 19,000 files on the dark web.
- These documents are said to be part of a much larger dataset of approximately 858,000 files allegedly taken from Reliance Group, a contractor involved in the…
Story so far: Indian authorities are investigating a reported cybersecurity incident after a ransomware group claimed to have released thousands of files allegedly connected to the… The cybercriminal group, known as World Leaks, stated it has published over 19,000 files on the dark web.
Latest development: The ransomware group World Leaks has posted a large cache of files on the dark web, which it claims are related to India’s largest nuclear plant, the Kudankulam Nuclear Power Plant. These files reportedly include purported…
Indian authorities are investigating a reported cybersecurity incident after a ransomware group claimed to have released thousands of files allegedly connected to the Kudankulam Nuclear Power Plant, the country’s largest nuclear energy facility. The cybercriminal group, known as World Leaks, stated it has published over 19,000 files on the dark web. These documents are said to be part of a much larger dataset of approximately 858,000 files allegedly taken from Reliance Group, a contractor involved in the Kudankulam project.
Reliance Group confirmed a limited data breach affected one of its servers hosted by Indian data center provider Yotta. Yotta detected suspicious activity targeting a Reliance Infrastructure server on May 29 and reported blocking an attempted ransomware attack before execution. The company is cooperating with the ongoing investigation.
Reports indicate the leaked files appear to contain engineering plans for ventilation and cooling systems, control room layouts, equipment inspection records, supplier and vendor information, project meeting documents, and insurance records. Most of the material reportedly relates to Units 3 and 4 of the Kudankulam Nuclear Power Plant, which are currently under construction and scheduled to begin operations by 2027. Experts caution that even if the plant’s reactor systems were not directly affected, the exposure of technical and operational documents could still present security challenges by providing sensitive information about the facility’s infrastructure and supply chain. The Kudankulam plant, located in Tamil Nadu, is central to plans to expand India’s atomic energy capacity.
Latest Updates
The ransomware group World Leaks has posted a large cache of files on the dark web, which it claims are related to India’s largest nuclear plant, the Kudankulam Nuclear Power Plant. These files reportedly include purported blueprints of parts of its facilities and supplier details, labeled as originating from Reliance Group. The Kudankulam plant is central to Prime Minister Narendra Modi’s plans to expand India’s atomic energy capacity.
Reliance Group, a contractor for the plant, confirmed to Reuters a “partial breach” of its data on a server hosted by third-party provider Yotta, and stated that the government had been informed. However, Reliance did not disclose the specific data that was breached. Nickolas Roth, a senior director at the Nuclear Threat Initiative, suggested the breach could pose a “serious” risk to the plant’s safety. Reuters reviewed the documents, dated from 2016 to mid-2025, but could not verify their authenticity. The 19,000 files released are considered the most sensitive out of a total of 858,000 Reliance files on the World Leaks website. Reliance Infrastructure, a subsidiary, secured a contract in 2018 for Units 3 and 4, which are under construction and expected to be operational by 2027, providing a combined 2,000 megawatts of capacity. World Leaks, known for targeting companies like Nike and Tata Group, typically publishes stolen data when ransom demands are not met.






Responses