A ransomware group known as World Leaks has published thousands of files on the dark web that it claims are linked to India’s Kudankulam Nuclear Power Plant, raising fresh concerns about cybersecurity and the protection of critical infrastructure.
According to a Reuters report, the leaked data allegedly includes blueprints of parts of the nuclear facility, supplier information, inspection records, equipment reviews, insurance documents, and meeting records. The files were labeled as originating from Reliance Group, one of the contractors involved in the project.
The Kudankulam Nuclear Power Plant, located in the southern state of Tamil Nadu, is India’s largest nuclear facility and plays a central role in the country’s plans to expand nuclear energy capacity. Two additional reactors, Units 3 and 4, are currently under construction and are expected to become operational by 2027.
Reliance Group acknowledged that there had been a partial data breach involving a server hosted by Indian data center provider Yotta. The company said the incident had been reported to the Indian government but did not specify what information had been compromised.
Yotta stated that it detected suspicious activity on May 29 involving Reliance Infrastructure’s server and immediately stopped the suspected ransomware attack. However, the company later learned that external threat actors had claimed to possess stolen data. Yotta said it has not independently verified those claims but is cooperating with the ongoing investigation.
Reuters reviewed approximately 19,000 files from a larger collection of 858,000 leaked documents, though it could not independently verify their authenticity.
Cybersecurity experts warned that even if the leaked files do not contain information about the reactors’ core systems, documents related to ventilation systems, control room layouts, suppliers, and support infrastructure could still present security risks.
Nickolas Roth, Senior Director at the Nuclear Threat Initiative, said such information could potentially help malicious actors identify vulnerabilities in the plant’s broader security chain and infrastructure.
Indian authorities, including the Indian Computer Emergency Response Team (CERT-In), are investigating the incident. The Nuclear Power Corporation of India has also been coordinating with Reliance regarding the reported breach.
The documents reportedly do not involve the nuclear reactors’ core technology, which is supplied by Russia’s state-owned Rosatom.
The incident also highlights India’s growing cybersecurity challenges. According to cybersecurity firm Surfshark, India recorded nearly 28.9 million compromised accounts last year, making it one of the countries most affected by data breaches worldwide.
This is not the first cybersecurity incident associated with the Kudankulam Nuclear Power Plant. In 2019, malware linked to a North Korean hacking group was detected on the plant’s administrative network, although officials said operational systems were not affected.
The latest claims have renewed concerns about protecting critical infrastructure from increasingly sophisticated cyber threats as governments and industries continue expanding digital operations.
Also read: Hacker Leaks Data of Leading Indian Insurer Star Health Using Telegram Chatbots




