New Delhi/Chennai, July 16:
In a development that has raised serious concerns within India’s national security and nuclear establishments, nearly 19,000 files linked to the Kudankulam Nuclear Power Plant (KKNPP) were reportedly leaked on the dark web by a ransomware group, triggering a high-level review of cybersecurity protocols.
The breach, first reported by Reuters, is said to involve documents allegedly accessed by a hacking group identified as “World Leaks.” According to the report, the data forms part of a larger cache of over 8.5 lakh documents purportedly obtained through a cyberattack on companies linked to the Reliance Anil Ambani Group.
Responding to the reports, the Nuclear Power Corporation of India Limited (NPCIL), which operates the Kudankulam facility, sought to allay fears, stating that no sensitive information related to nuclear safety or security systems had been compromised. The corporation emphasised that critical systems remain fully secure and unaffected.
Preliminary information suggests that the leaked files may include details such as blueprints and supplier-related data, particularly concerning Units 3 and 4 of the plant, which are currently under construction. These units involve engineering, procurement and construction work carried out by Reliance Infrastructure, a firm under the Anil Ambani-led group.
Sources indicated that the suspected breach may have originated from a third-party service provider engaged by the contractor. The company has reportedly acknowledged a limited data breach and informed the government, maintaining that the compromised data pertains only to non-critical systems.
According to available reports, some of the leaked documents relate to ventilation and cooling systems associated with the upcoming units. However, NPCIL clarified that these systems fall under conventional infrastructure used in power generation and are not directly linked to nuclear safety mechanisms or reactor operations.
Despite these assurances, the incident has been treated with utmost seriousness given the strategic importance of nuclear installations. The Computer Emergency Response Team India has stepped in to investigate the breach and assess its potential implications.
Officials noted that while the full extent of the leak and the identity of all entities involved remain unclear, any exposure of information related to critical infrastructure warrants immediate scrutiny. The government is expected to further tighten cybersecurity measures across sensitive sectors in the wake of the incident.
The Kudankulam plant, located in southern Tamil Nadu, is India’s largest nuclear power facility and plays a vital role in the country’s energy security, making any potential data compromise a matter of national concern.

