Around 19,000 sensitive documents linked to the Kudankulam Nuclear Power Plant, India’s largest nuclear power facility, have reportedly been leaked online by ransomware group World Leaks. The leaked files allegedly include blueprints, supplier details, inspection records and other project-related documents, though their authenticity has not been independently verified.
The documents were reportedly linked to Reliance Group, one of the contractors involved in the plant’s Unit 3 and Unit 4 projects in Tamil Nadu. Reliance has confirmed a “partial breach” of data from a server hosted by third-party data centre provider Yotta and said authorities have been informed.
Gold 101.3 FM, UAE’s No. 1 radio station, brings you the latest updates.
Cybersecurity experts have warned that the exposure of such information could create security risks by revealing details about plant infrastructure, suppliers and support systems. However, reports indicate that the leaked files do not appear to involve the nuclear reactor core systems supplied by Russia’s Rosatom.
The leaked data reportedly includes documents dating from 2016 to 2025, covering equipment reviews, vendor proposals, meeting records and possible facility layouts. The Indian Computer Emergency Response Team (CERT-In) is investigating the incident, while the Nuclear Power Corporation of India is in communication with Reliance over the breach.
Yotta has said it detected suspicious activity on a Reliance Infrastructure server in May, terminated the activity and is supporting the ongoing investigation. World Leaks, which has previously targeted major companies, has not commented on the alleged breach.
The incident has renewed concerns over cybersecurity preparedness in India’s critical infrastructure sector. This is also the second reported cyber incident linked to the Kudankulam plant after malware connected to a North Korean hacking group was detected on its administrative network in 2019, though officials had said plant operations were not affected.