Brief By Newsbrief / 12:30 PM on 16 Jul 2026
A major cybersecurity concern has emerged after thousands of sensitive documents allegedly linked to the Kudankulam Nuclear Power Plant in Tamil Nadu were claimed to have been leaked on the dark web. The ransomware group World Leaks has claimed responsibility, alleging that it obtained blueprints, supplier details, inspection reports, and other technical records from the servers of Reliance Infrastructure, a contractor involved in the plant's expansion project. While the company has acknowledged a partial data breach involving information stored with third-party data centre provider Yotta, it has not confirmed whether the leaked files are genuine or disclosed exactly what information may have been compromised. Government agencies, including CERT-In and the Nuclear Power Corporation of India (NPCIL), are investigating the matter.
According to reports, the leaked dataset reportedly contains around 8.58 lakh files, with nearly 19,000 documents described as highly sensitive. These are said to include alleged blueprints of ventilation and cooling systems for Units 3 and 4, control room layouts, supplier information, equipment inspection reports, and insurance-related documents. Some reports also claim that the leaked files mention insurance coverage of up to 112 million US dollars for damages resulting from a terrorist attack on the upcoming reactor units. However, these claims have not been independently verified. Yotta stated that it detected suspicious activity on Reliance Infrastructure's servers on May 29 and acted immediately to contain a possible ransomware attack. It later learned that external attackers claimed to have stolen data and has since shared its technical findings with the company while continuing to cooperate in the investigation.
Kudankulam is India's largest nuclear power plant and plays a key role in the country's plans to expand nuclear energy generation. Reliance Infrastructure is responsible for infrastructure work on Units 3 and 4, which are expected to become operational by 2027 with a combined capacity of 2,000 MW. Cybersecurity experts have warned that if authentic technical documents fall into the wrong hands, they could expose vulnerabilities in support systems, supply chains, and security arrangements. Officials from NPCIL are coordinating with Reliance Infrastructure, while CERT-In continues its investigation. No official statement has yet been issued by the Department of Atomic Energy (DAE), CERT-In, NPCIL, or the Prime Minister's Office. The incident also comes amid growing cyber threats in India, with reports indicating a sharp rise in data breaches in recent years.