A ransomware group has published thousands of files allegedly linked to India’s largest nuclear power plant in Kudankulam, in what experts warn could pose a “serious” risk to the safety of the nuclear facility.
The hacker group, World Leaks, posted on the dark web what it claims are more than 19,000 sensitive files related to the Kudankulam nuclear power plant in Tamil Nadu. The documents are part of a larger cache of 8.58 lakh files allegedly stolen from Reliance Group, one of the contractors involved in the project.
The Anil Ambani-led Reliance Group confirmed a “partial breach” of its data on a server hosted by third-party Indian data centre provider Yotta, to Reuters. The company said the government had been informed about it, but did not disclose which data had been breached.
The foreign news agency reviewed the leaked documents dating from 2016 to mid-2025, but could not verify their authenticity. The files reportedly include engineering blueprints for ventilation and cooling systems, floor layouts of a common control room, equipment inspection reports, supplier lists and vendor proposals, meeting records and insurance policies.
The documents primarily relate to Units 3 and 4 of the Kudankulam plant, which are currently under construction and expected to be operational by 2027. They do not appear to include designs for the nuclear reactors’ core systems, which are supplied by Russia’s state-owned Rosatom.
Probe underway, but official response awaited
It is learnt that India’s Computer Emergency Response Team is investigating the breach, along with the Nuclear Power Corporation of India. Yotta, the data centre provider, said it detected suspicious activity on a server on May 29 and that the suspected ransomware execution was prevented, but Reliance Infrastructure later informed it about claims of a data breach.
Neither the Department of Atomic Energy nor the Prime Minister’s Office publicly commented on the investigation. World Leaks, which has previously targeted Tata Group and Nike, also did not respond to requests for comments.
Experts warn of serious security implications
Nickolas Roth, a senior director at the Nuclear Threat Initiative, said the data breach could pose a “serious” risk to the plant’s safety. “They could show an adversary, not just who has access to the project but which systems that access reaches,” he told the news agency.
Though there is no evidence to suggest that operational reactor systems were compromised, cybersecurity experts say the leaked information could still be misused by hostile actors. Attackers could potentially exploit vulnerabilities within associated infrastructure or third-party suppliers.
The incident assumes significance amid growing concerns over cybersecurity across India’s critical infrastructure. According to cybersecurity company Surfshark, India recorded 28.9 million compromised accounts last year, making it one of the countries most affected by data breaches globally. A recent industry survey found that 73 per cent of the Indian organisations surveyed were “unaware if they have ever been attacked”, while 57 per cent lack cyber hygiene practices.
Also read: Jharkhand set for first nuclear power plant, 14 MoUs signed