Latest

Files relating to India’s largest nuclear power plant exposed in data breach – World


Files relating to India’s largest nuclear power plant exposed in data breach – World

Ransomware group World Leaks has posted on the dark web a huge cache of files related to India’s largest nuclear plant, including purported blueprints of parts of its facilities and supplier details — information it ​labelled as coming from Reliance Group.

The Kudankulam Nuclear Power Plant, located in the southern state of Tamil Nadu, is the largest of India’s seven nuclear plants and central to Prime Minister ‌Narendra Modi’s ambitious plans to expand the country’s atomic energy capacity.

Indian businessman Anil Ambani’s Reliance Group, one of the plant’s contractors, told Reuters in a statement that there had been a “partial breach” of its data on a server hosted by third-party Indian data centre service provider Yotta, and that the government had been informed about the incident.

Reliance did not disclose what data had been breached.

The data breach could pose a “serious” risk to the safety of the plant, says Nickolas Roth, a senior director at the Nuclear Threat Initiative, which ​advises governments and benchmarks countries’ preparedness on nuclear security. The breach also underscores how hacks have become more common in India, where many companies are ill-equipped to deal with such threats.

Reuters reviewed the documents, which ​were dated from 2016 to mid-2025, but could not verify their authenticity. In addition to some blueprints and supplier details, they purportedly show meeting and inspection records, equipment ⁠reviews and insurance policies.

The 19,000 files appeared to be the most sensitive of a total 858,000 Reliance files on the World Leaks website.

One of the conglomerate’s subsidiaries, Reliance Infrastructure, won a contract in 2018 to design and ​build infrastructure for the plant’s Unit 3 and Unit 4. Both units, still under construction, are due to be operational by 2027 and are slated to provide a combined 2,000 megawatts of capacity.

World Leaks, a well-known ransomware group that ​has previously targeted Nike and India’s Tata Group, did not respond to Reuters queries on the Reliance data breach. The group typically posts stolen corporate data on its website after companies decline to pay the ransom demanded. Its website can only be accessed with a specialised browser.

In June, World Leaks told Reuters it had sought $1.5 million in ransom for Tata Group files that contained confidential component designs of clients Apple and Tesla, adding that it posted the data after Tata “ignored” its demand.

data breaches, with 28.9m accounts compromised last year, lagging only the United ⁠States and France, ​according to cybersecurity company Surfshark.

A report last year by the Data Security Council of India and cybersecurity firm Seqrite said that of 204 ​organisations surveyed across India, some 73 per cent were “unaware if they have ever been attacked” while 57pc lack cyber hygiene practices.

It is also the second time that the Kudankulam plant has been linked to a cyber incident, with malware tied to a North Korean hacker group found on the ​plant’s administrative network in 2019. At the time, the Nuclear Power Corporation said the matter was investigated immediately and plant systems were not affected.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button