A ransomware group has leaked nearly 19,000 files tied to India’s largest nuclear power plant, exposing gaps in cybersecurity at one of the country’s most sensitive infrastructure sites.
What happened?
The group, known as World Leaks, posted the files on the dark web, claiming they came from Reliance Group, a contractor at the Kudankulam Nuclear Power Plant in Tamil Nadu. Reliance confirmed a “partial breach” of data hosted on a server run by third-party provider Yotta, though it did not specify what was compromised. The 14.3 gigabytes of files, dated between 2016 and mid-2025, reportedly include blueprints, supplier lists, inspection records and insurance documents tied to Unit 3 and Unit 4, both still under construction.
Why it matters?
Kudankulam is central to Prime Minister Narendra Modi’s push to expand India’s nuclear capacity. Experts warn the leak could still be damaging even though it doesn’t touch the reactors’ core systems, which Russia’s Rosatom supplies. Nickolas Roth of the Nuclear Threat Initiative said the exposed files could help adversaries map support systems, identify vendors and locate weak points in the plant’s security chain.
A bigger pattern
This isn’t an isolated case. World Leaks has previously hit Nike and Tata Group, and India ranks third globally for data breaches, with 28.9 million accounts compromised last year. A recent industry survey found most Indian organizations aren’t even aware if they’ve been attacked, and more than half lack basic cyber hygiene.
What’s next
CERT-In, India’s cybersecurity agency, is investigating alongside the Nuclear Power Corporation. Yotta says it detected and blocked suspicious activity in May, though it hasn’t verified the breach claims. Authorities have yet to comment publicly on the incident’s scope or impact.
