An exclusive report by Reuters claims that India’s Kudankulam Nuclear Plant could be in trouble after sensitive data being leaked online on dark web.
A massive cybersecurity breach has rocked India’s critical infrastructure, with experts warning of a “serious” safety risk after thousands of sensitive files allegedly linked to the country’s largest nuclear power facility surfaced on the dark web.
A well-known ransomware group named ‘World Leaks’ has published over 19,000 files purportedly containing engineering blueprints, supplier details, and infrastructure records related to the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu. The highly confidential documents were reportedly stolen from Reliance Group, a key contractor involved in the construction of the plant’s upcoming units.
World Leaks Ransomware Group Claims Kudankulam Nuclear Plant Breach
The 19,000 leaked documents are part of a much larger cache of approximately 858,000 files that the ransomware syndicate claims to have stolen from Reliance Group. Reliance Infrastructure, a subsidiary of the conglomerate led by Anil Ambani, had secured a major contract in 2018 to design and build essential infrastructure for the Kudankulam Nuclear Plant‘s Unit 3 and Unit 4, which are currently under construction and expected to be operational by 2027.

Following the explosive reports, Reliance Group issued a statement confirming a “partial breach” of its data. The company revealed that the compromised data was stored on a server hosted by Yotta, an Indian third-party data centre provider, and confirmed that the government had been officially notified.
What the Leaked Reliance Group Files Contain
While the authenticity of the files is still being verified, independent reviews of the leaked data—which dates from 2016 to mid-2025—indicate severe vulnerabilities. The exposed documents reportedly include Kudankulam Nuclear Plant engineering blueprints for ventilation and cooling systems, detailed floor layouts of a common control room, equipment inspection reports, vendor proposals, and highly sensitive insurance policies.

One document allegedly reveals that Reliance Infrastructure and the Nuclear Power Corporation of India (NPCIL) had taken out a $112 million insurance policy in the event that Unit 3 or 4 suffered an act of terrorism.
Crucially, the leak does not appear to contain core designs for the nuclear reactors themselves, as those systems are supplied directly by Russia’s state-owned Rosatom.
ALSO READ: Ex-AAP Councillor Tahir Hussain Convicted in 2020 Delhi Riots Murder Case of IB Officer Ankit Sharma
RECOMMENDED FOR YOU: CJP Protest: Sonam Wangchuk’s Hunger Strike Reaches Day 18, Delhi High Court Demands Answers
Security Experts Warn of “Serious” Risks to Kudankulam Nuclear Plant
Despite the core reactor systems remaining uncompromised, global cybersecurity experts are sounding the alarm. Nickolas Roth, a senior director at the Nuclear Threat Initiative, warned that the data breach poses a “serious” risk to the facility’s overall safety.

“They could show an adversary not just who has access to the project but which systems that access reaches,” Roth cautioned. Cybersecurity researchers emphasize that malicious actors could exploit these blueprints to map out the plant’s critical support systems, pinpoint infrastructural weaknesses, and launch targeted attacks through third-party suppliers. Sources within KKNPP admitted the leak has caused “absolute commotion” among the top brass of the nuclear park.
CERT-In and NPCIL Launch Urgent Investigation
The Indian government has launched a high-level probe into the incident. The Indian Computer Emergency Response Team (CERT-In) is actively investigating the breach in coordination with the Nuclear Power Corporation of India (NPCIL).
Yotta, the data centre operator, stated that it detected suspicious activity on a Reliance Infrastructure server on May 29 and successfully prevented a suspected ransomware execution at the time. However, Reliance later informed them of claims made by external threat actors regarding a successful data exfiltration.
NOTE: The facts and claims cannot be independently verified and article is based on media reports.
The 2019 Kudankulam Cyber Attack
This is not the first time the heavily guarded Kudankulam Nuclear Plant facility has found itself in the crosshairs of international hackers. The plant was previously targeted in a major cyber incident in 2019, when malicious software tied to a North Korean state-sponsored hacking group was detected on its administrative IT network. Following that attack, NPCIL assured the public that the plant’s core operational systems were completely isolated and unaffected.
As the investigation into this latest dark web leak continues, the breach serves as a stark reminder of the escalating cybersecurity threats targeting India’s critical energy infrastructure.
