A recent data breach involving files linked to the Kudankulam Nuclear Power Plant has prompted widespread attention after a ransomware group known as World Leaks published nearly 19,000 files on the dark web. The incident, which came to light this week, involves documents purportedly related to the construction and operation of the plant's third and fourth units. While the scale of the leak is significant, the Nuclear Power Corporation of India Limited has clarified that the compromised data does not involve nuclear safety or reactor security systems.
The breach reportedly originated from the systems of Reliance Infrastructure, a contractor that was awarded an engineering, procurement, and construction contract for the plant's common infrastructure in 2018. Reliance confirmed a partial breach of its data, which was hosted on a server managed by a third-party provider, Yotta Data Services. The company stated that it has informed the government about the incident and is currently investigating the extent of the exposure.
According to reports, the leaked cache totals approximately 14.3 gigabytes and includes engineering drawings, supplier details, inspection records, and insurance documents dated between 2016 and 2025. Cybersecurity researchers who identified the files noted that they were tagged with an acronym for the nuclear plant. The Nuclear Power Corporation of India Limited emphasized that these documents relate only to the conventional Balance of Plant package, which involves supporting infrastructure similar to that found in thermal power plants.
Government officials have downplayed the risks, stating that there is no immediate need for a security review because the leaked information is not connected to core nuclear operations. Despite these assurances, the incident has sparked a broader conversation about the vulnerability of critical infrastructure supply chains to cyberattacks. As the investigation continues, the focus remains on securing third-party systems that handle sensitive project data to prevent future unauthorized access.
