NEW DELHI: A ransomware group has published thousands of files allegedly linked to India’s largest nuclear power plant, Kudankulam, in what experts warn could pose a “serious” risk to the facility’s safety.The hacker group World Leaks posted on the dark web what it claims are more than 19,000 sensitive files related to the Kudankulam Nuclear Power Plant in Tamil Nadu. The documents are part of a larger cache of approximately 858,000 files allegedly stolen from Reliance Group, one of the contractors involved in the project.Reliance Group confirmed a “partial breach” of its data on a server hosted by third-party Indian data centre provider Yotta, to Reuters. They added that the government had been informed. The company did not disclose what data had been breached.
What the leaked files contain
Reuters reviewed the leaked documents, dated from 2016 to mid-2025 , but could not verify their authenticity. The files reportedly include engineering blueprints for ventilation and cooling systems, floor layouts of a common control room, equipment inspection reports, supplier lists and vendor proposals, meeting records and insurance policies.The documents primarily relate to Units 3 and 4 of the Kudankulam plant, which are currently under construction and expected to be operational by 2027. They do not appear to include designs for the nuclear reactors’ core systems, which are supplied by Russia’s state-owned Rosatom.
Experts warn of security risks
Nickolas Roth, a senior director at the Nuclear Threat Initiative, said the data breach could pose a “serious” risk to the plant’s safety. “They could show an adversary not just who has access to the project but which systems that access reaches,” he told Reuters.Although no evidence suggests that operational reactor systems were compromised, cybersecurity experts say the leaked information could still be valuable to hostile actors. Attackers could potentially exploit vulnerabilities within associated infrastructure or third-party suppliers.
Investigation underway
India’s Computer Emergency Response Team is investigating the breach alongside the Nuclear Power Corporation of India, according to a source familiar with the matter. Yotta, the data centre provider, said it detected suspicious activity on a server on May 29 and that the suspected ransomware execution was prevented, but Reliance Infrastructure later informed it of claims of a data breach.Neither the Department of Atomic Energy nor the Prime Minister’s Office publicly commented on the investigation conducted by Reuters. World Leaks, which has previously targeted Tata Group and Nike, did not respond to requests for comment.The incident comes amid growing concerns over cybersecurity across India’s critical infrastructure. According to cybersecurity company Surfshark, India recorded 28.9 million compromised accounts last year, making it one of the countries most affected by data breaches globally.A recent industry survey found that 73% of Indian organisations surveyed were “unaware if they have ever been attacked” while 57% lack cyber hygiene practices.
Do you believe that the leaked documents pose a significant threat to national security?
3k+ users shared opinion today
5k+ users already voted today
3k+ users shared opinion today

Leave a Reply