India's largest nuclear power plant suffers cyber attack; thousands of sensitive documents leaked (Image X @ANI)
New Delhi: A report claims that the ransomware group 'World Leaks' has uploaded thousands of documents linked to India's largest nuclear power plant, the Kudankulam Nuclear Power Plant, onto the dark web. These documents reportedly include alleged blueprints of certain sections of the plant, supplier details, meeting records, and insurance documents.
World Leaks claims that this data belongs to Anil Ambani's Reliance Infrastructure. However, the authenticity of these documents could not be independently verified.
According to the report, the Reliance Group acknowledged a partial breach of its data stored on the servers of Yotta, a third-party data center service provider. The company stated that the government had been informed of the incident but did not disclose which specific data was affected.
It is worth noting that the Kudankulam Nuclear Power Plant is the largest of India's seven nuclear power plants and a key component of Prime Minister Narendra Modi's plan to expand the country's nuclear energy capacity. Reliance Infrastructure is the contractor responsible for constructing the infrastructure for Units 3 and 4 of the project. Both units are expected to become operational by 2027 and will jointly generate 2,000 megawatts of electricity.
According to the report, out of the 858,000 files uploaded to the dark web, approximately 19,000 are considered highly sensitive. These reportedly include alleged blueprints for the ventilation and cooling systems of Units 3 and 4, the complete floor layout of the common control room, supplier lists, joint inspection reports (including photographs of equipment), and insurance policy documents.
The documents also reportedly mention that Reliance Infrastructure and the Nuclear Power Corporation of India (NPCIL) had secured insurance coverage allowing for a claim of up to $112 million in the event of a terrorist attack on Unit 3 or Unit 4. Nicholas Roth, a senior director at the Nuclear Threat Initiative (NTI), stated that if such documents were to fall into the wrong hands, they could reveal vulnerabilities in the plant's auxiliary systems, supply chain, and security arrangements, posing a serious security risk.
Meanwhile, Yotta stated that it had detected suspicious activity on Reliance Infrastructure's servers on May 29; this activity was immediately halted, and a potential ransomware attack was neutralized. However, in late June, Reliance informed Yotta that external cyber attackers had claimed to have stolen data. Yotta says it has been unable to verify these claims but has submitted its technical investigation report to Reliance and is cooperating with the inquiry.
According to sources, NPCIL is in contact with Reliance regarding the incident, and India's cybersecurity agency, CERT-In, is also investigating the matter. However, the Department of Atomic Energy (DAE), CERT-In, NPCIL, and the Prime Minister's Office have not issued any official comments on the issue.
It is worth noting that 'World Leaks' is the same ransomware group that previously targeted Nike and the Tata Group. In June, the group claimed to have demanded a ransom of $1.5 million in exchange for data stolen from the Tata Group; according to them, they released the data publicly after the ransom was not paid.
The report also highlights the growing threat of cyberattacks in India. According to the cybersecurity firm Surfshark, data from 28.9 million Indian accounts was leaked last year, placing India third globally in terms of data breaches.
This is not the first time the Kudankulam plant has been linked to a cyber incident. In 2019, malware associated with a North Korean hacker group was detected on the plant's administrative network.
Copyright © 2026 Top Indian News