Skip to content
Search

Latest Stories

Submit Guest Post

Data breach exposes files linked to India's Kudankulam nuclear plant

Reliance Group confirms a partial breach as investigators examine nearly 19,000 leaked files linked to the Kudankulam nuclear power project

kudankulam-nuclear-plant

FILE PHOTO: Police patrol on a beach near Kudankulam nuclear power project in the southern Indian state of Tamil Nadu September 12, 2012.

REUTERS/Adnan Abidi

Highlights

  • Reliance Group confirms a partial data breach involving a third-party server.
  • Nearly 19,000 files linked to the Kudankulam project appeared on the dark web.
  • Experts warn the documents could help attackers understand the plant's support infrastructure.

THOUSANDS of documents linked to India's largest nuclear power plant have been published on the dark web following a cyber breach affecting one of the project's contractors, raising concerns over the security of sensitive infrastructure information.


The files, claimed by the ransomware group World Leaks, relate to the Kudankulam Nuclear Power Plant in Tamil Nadu, a key part of India's plans to expand nuclear energy generation.

Reliance Group, led by businessman Anil Ambani and one of the project's contractors, confirmed that a "partial breach" had affected data stored on a server hosted by Indian data centre provider Yotta. The company said the incident had been reported to the government but did not disclose what information had been compromised.

Independent cybersecurity researcher Rakesh Krishnan said almost 19,000 files, amounting to 14.3GB of data, have been available online since June 11. Reuters reviewed the documents but said it could not independently verify their authenticity.

The files, dated between 2016 and mid-2025, appear to include blueprints for parts of the facility, supplier information, inspection records, meeting minutes, equipment reviews and insurance documents. They represent what appears to be the most sensitive portion of about 858,000 Reliance files published by the ransomware group.

Reliance Infrastructure secured the contract in 2018 to design and build infrastructure for Units 3 and 4 of the Kudankulam plant. Both reactors remain under construction and are expected to begin operations in 2027, adding a combined 2,000 megawatts of electricity generation capacity.

World Leaks has previously claimed responsibility for cyberattacks targeting major companies, including Tata Group and Nike. The group typically publishes stolen data after organisations refuse to pay ransom demands. It did not respond to Reuters' requests for comment.

'Information related only to common service facilities'

The Nuclear Power Corporation of India (NPCIL), which operates the country's nuclear power stations, said after publication of the Reuters report that the information available online related only to common service facilities and did not concern nuclear safety or nuclear security systems.

A source familiar with the matter said NPCIL has been in contact with Reliance over the breach and that the Indian Computer Emergency Response Team (CERT-In) is investigating the incident. India's Department of Atomic Energy declined to comment, while CERT-In and the Prime Minister's Office did not respond to Reuters.

Yotta said it detected suspicious activity on a Reliance Infrastructure server on May 29 and immediately stopped the suspected ransomware attempt. It added that Reliance informed it at the end of June that external threat actors had claimed a data breach. Yotta said it has been unable to verify those claims but has shared the findings of its technical investigation with Reliance and is supporting the ongoing inquiry.

Although the leaked documents do not appear to involve the nuclear reactors' core systems, which are supplied by Russia's state-owned Rosatom, they reportedly include ventilation and cooling system drawings for Units 3 and 4, the layout of a common control room, supplier proposals, approved vendor lists, inspection records and photographs of equipment.

One document also appears to show an insurance policy worth $112 million covering Units 3 and 4 against acts of terrorism.

Cybersecurity experts said such information could still be valuable to attackers by revealing details about support infrastructure, contractors and supply chains.

Nickolas Roth, senior director at the Nuclear Threat Initiative, said the documents could help adversaries identify who has access to the project and which systems they can reach.

The incident follows a malware attack linked to a North Korean hacking group on Kudankulam's administrative network in 2019. NPCIL said at the time that the plant's operational systems had not been affected.

(with inputs from Reuters)

Add EasternEye As Your Trusted Source
preferred source on google news

More For You

Warren Buffett

Warren Buffett has reshaped his long-term philanthropy while maintaining his friendship with Bill Gates

Getty Images

Buffett ends 20-year support for Gates Foundation, calls Gates' Epstein links 'distasteful'

  • Warren Buffett has ended 20 years of donations to the Gates Foundation.
  • Buffett described Bill Gates' association with Jeffrey Epstein as "distasteful" but said people can make mistakes in choosing friends.
  • Future charitable donations will instead be managed by foundations run by Buffett's family.

Warren Buffett has explained why he ended two decades of charitable donations to the Gates Foundation, saying Bill Gates' past association with convicted sex offender Jeffrey Epstein influenced his decision, even though he believes mistakes in personal relationships do not necessarily define a person.

The Berkshire Hathaway chairman confirmed that the Gates Foundation did not receive any of his annual share donations this year for the first time since 2006. Instead, Buffett transferred his remaining Berkshire Hathaway shares to four charities linked to his family, marking a significant shift in one of the world's largest philanthropic partnerships.

Keep ReadingShow less