Kudankulam Nuclear Power Plant Files Leaked? Reliance Confirms Partial Data Breach, Probe Underway

Ransomware group World Leaks allegedly published thousands of files linked to the Kudankulam Nuclear Power Plant project. Reliance Group confirmed a partial data breach involving a server hosted by Yotta and said authorities were informed. Reuters could not verify the leaked documents, while investigators including CERT-In are examining the claims and potential risks.

Add FPJ As a
Trusted Source
Kudankulam Nuclear Power Plant Files Leaked? Reliance Confirms Partial Data Breach, Probe Underway
Deeksha Pandey Updated: Thursday, July 16, 2026, 01:14 AM IST
Kudankulam Nuclear Power Plant Files Leaked? Reliance Confirms Partial Data Breach, Probe Underway

Kudankulam Nuclear Power Plant Files Leaked? Reliance Confirms Partial Data Breach, Probe Underway | AI

A ransomware group has published thousands of files purportedly linked to the Kudankulam Nuclear Power Plant, India's largest nuclear facility, raising concerns over the security of sensitive infrastructure.

The group, World Leaks, posted what it claimed were files sourced from Anil Ambani-led Reliance Group. The cache allegedly includes blueprints of parts of the plant, supplier information, meeting records, inspection reports, insurance documents and other project-related files, Reuters reports.

Reuters reviewed the documents, dated between 2016 and mid-2025, but could not verify their authenticity.

Reliance confirms partial breach

Reliance Group, one of the contractors involved in the Kudankulam project, acknowledged a "partial breach" of data stored on a server hosted by Indian data centre service provider Yotta. The company said it had informed the Government about the incident but did not disclose what information had been compromised.

World Leaks uploaded around 19,000 files that appeared to be the most sensitive among about 858,000 Reliance-related files available on its website. The ransomware group typically publishes stolen corporate data after companies refuse to pay the demanded ransom. Its website is accessible only through a specialised browser.

In June, World Leaks told Reuters it had demanded $1.5 million from Tata Group for stolen files containing confidential component designs of Apple and Tesla, adding that it published the data after Tata "ignored" its demand.

Reliance Infrastructure secured a contract in 2018 to design and build infrastructure for Unit 3 and Unit 4 of the Kudankulam project. The two units, currently under construction, are expected to become operational by 2027 and together will add 2,000 megawatts of power generation capacity.

Investigation underway as experts warn of risks

The Nuclear Power Corporation of India (NPCIL), which operates the country's nuclear power plants, is in contact with Reliance over the breach, while the Indian Computer Emergency Response Team (CERT-In) is investigating the matter, according to a source familiar with the developments.

NPCIL Chairman Rajesh Veeraraghavan, CERT-In and the Government's main press office did not respond to Reuters' requests for comment. The Department of Atomic Energy declined to comment, while Prime Minister Narendra Modi's Office also did not respond.

Yotta said it detected suspicious activity on May 29 on a server belonging to Reliance Infrastructure. According to the company, the activity was immediately stopped and the suspected ransomware execution was prevented. However, Reliance Infrastructure informed Yotta at the end of June that "external threat actors" had claimed a data breach.

Yotta said it has not been able to verify the claims of the "threat actor" but has shared its technical findings with Reliance Infrastructure and continues to support the investigation.

Sensitive documents allegedly exposed

The leaked documents do not appear to involve the nuclear reactors' core systems, which are supplied by Russia's state-owned Rosatom. However, they reportedly include blueprints for ventilation and cooling systems serving Unit 3 and Unit 4, along with what appears to be the complete floor layout of a common control room.

The files also contain what appear to be vendor proposals, approved supplier lists, records of a 2024 joint inspection by NPCIL and Reliance, photographs of equipment, and an insurance policy allegedly covering losses of up to $112 million if either Unit 3 or Unit 4 were to suffer an act of terrorism.

Nickolas Roth, Senior Director at the Nuclear Threat Initiative, warned the breach could pose a "serious" risk to the plant's safety.

The files, if obtained by malicious actors, could potentially be used to map support systems, identify suppliers and locate weaknesses in the plant's security chain, researchers said.

They could "show an adversary not just who has access to the project but which systems that access reaches," said Nuclear Threat Initiative's Roth.

Rising cyber threats in India

The incident highlights growing cybersecurity challenges in India. According to cybersecurity company Surfshark, India ranked third globally last year for compromised accounts, with 28.9 million accounts affected, behind only the US and France.

A report by the Data Security Council of India and cybersecurity firm Seqrite found that 73% of 204 organisations surveyed were "unaware if they have ever been attacked", while 57% lacked cyber hygiene practices.

The Kudankulam Nuclear Power Plant has previously been linked to a cyber incident. In 2019, malware associated with a North Korean hacking group was detected on the plant's administrative network. At the time, NPCIL said the matter was investigated immediately and that the plant's operational systems were unaffected.

Published on: Thursday, July 16, 2026, 01:13 AM IST

RECENT STORIES