World

Hackers Dump 858,000 Files From India's Largest Nuclear Plant on the Dark Web

A ransomware group called World Leaks posted blueprints and internal records tied to the Kudankulam Nuclear Power Plant after a breach at a Reliance Group contractor, prompting a national security investigation.

· 3 min read
Hackers Dump 858,000 Files From India's Largest Nuclear Plant on the Dark Web

A ransomware gang has dumped a vast trove of files linked to India's largest nuclear power plant onto the dark web, exposing engineering blueprints and internal records in a breach that has triggered a national security investigation and rattled New Delhi's ambitious atomic-energy plans.

The group, which calls itself World Leaks, uploaded roughly 858,000 files that it claims belong to the Reliance Group, the conglomerate controlled by Indian industrialist Anil Ambani. More than 19,000 of the documents contained sensitive information, including technical blueprints for the ventilation, cooling systems and floor layouts of Units 3 and 4 of the Kudankulam Nuclear Power Plant in the southern state of Tamil Nadu. The cache also included supplier details, meeting and inspection records, equipment evaluations and insurance policies, with documents dated between 2016 and mid-2025.

Reliance confirmed a "partial" data breach on a server hosted by Yotta, a third-party Indian data-center provider. Technicians at Yotta said they had detected unusual activity on May 29 on a server holding Reliance Infrastructure data and immediately severed the connection to block the suspected ransomware attack. Reuters, which reviewed the leaked documents, said it could not independently verify their authenticity.

The Nuclear Power Corporation of India, or NPCIL, which operates Kudankulam, said it was in discussions with the Reliance Group to assess the severity of the exposure. India's Computer Emergency Response Team, known as CERT-In, has opened an investigation. Officials have not said whether any safety-critical reactor systems were touched by the breach; the leaked material appears to relate to construction and support infrastructure rather than the reactors' core control systems.

Kudankulam, built with Russian assistance, is the centerpiece of Prime Minister Narendra Modi's drive to sharply expand India's nuclear capacity, and it has been a target before. In 2019, the plant's administrative network was hit by malware that security researchers linked to North Korean hackers, an incident officials initially downplayed before acknowledging the intrusion.

Cybersecurity analysts said the latest leak underscores the growing risk posed by third-party contractors and data centers that hold sensitive files far from the reactor fence line. World Leaks has been active against major corporations in recent months, previously claiming attacks on Nike and India's Tata Group, from which it demanded a $1.5 million ransom in June. The exposure of even non-operational schematics for a nuclear facility raises concerns about how such data could be exploited, and it adds to mounting pressure on Indian regulators to tighten oversight of the private vendors entrusted with the country's critical infrastructure.

Originally reported by Business Today.

India Kudankulam ransomware cybersecurity nuclear Reliance