INDIA: Hackers Claim Leak of Sensitive Documents From Kudankulam Nuclear Power Plant
· 54 views
NEW DELHI (Terror Monitor) — The ransomware group World Leaks has allegedly published sensitive documents linked to India’s Kudankulam Nuclear Power Plant (KKNPP) on the dark web following a reported data breach, raising fresh concerns over the cybersecurity of critical infrastructure.
According to Reuters, the Kudankulam Nuclear Power Plant, located in the southern state of Tamil Nadu, is India’s largest nuclear power facility and plays a central role in Prime Minister Narendra Modi’s nuclear energy expansion program.
Reliance Group, a contractor involved with the project, confirmed that one of its servers suffered a “partial data breach.” The company said the affected server was hosted by Indian data center provider Yotta and that the incident had been reported to the government, but it did not disclose what information may have been compromised.
Independent cybersecurity researcher Rakesh Krishnan said approximately 19,000 files, totaling 14.3 gigabytes, have been available on the dark web under the label “KKNPP” since June 11. The files allegedly contain documents dating from 2016 to mid-2025.
Reuters reviewed portions of the leaked material but said it could not independently verify its authenticity. The documents reportedly include ventilation and cooling system diagrams, supplier information, inspection reports, meeting records, and insurance documents.
Cybersecurity experts warned that if authentic, the leaked information could expose details about the plant’s support systems, supply chain, and potential security vulnerabilities, increasing the risk to the facility.
Nicholas Roth, Senior Director at the Nuclear Threat Initiative, said such information in the wrong hands could pose a serious security threat to the nuclear plant.
India’s Nuclear Power Corporation and the national cybersecurity agency CERT-In are investigating the incident. However, authorities have not yet confirmed the authenticity or scope of the alleged leaked data.
Yotta said it detected suspicious activity on Reliance Infrastructure’s server on May 29 and took immediate action to stop what appeared to be a ransomware attack. The company later became aware of claims by external actors that data from the server had been leaked.
World Leaks has previously targeted major organizations in cyberattacks and is known for allegedly publishing stolen data on the dark web when ransom demands are not met.
Related Articles
North Korea to Boost Nuclear Power, Intelligence Operations
North Korea has announced plans to strengthen its nuclear capabilities and expand the role of its military intelligence agency focused on South Korea-related operations, amid continued tensions between the two countries.
NATO Defense Firms Highlight Over $50 Billion in Deals at Ankara Forum
NATO defense companies highlighted more than $50 billion in defense procurement and industrial cooperation agreements at a forum in Ankara, as allied countries seek to expand military capabilities, boost weapons production, and strengthen joint defense readiness.
Pakistan military expresses concern over cross-border militancy, vows response to threats
Pakistan’s military leadership, during a Corps Commanders’ Conference chaired by Field Marshal Syed Asim Munir, expressed concern over alleged use of Afghan territory by militant groups for attacks inside Pakistan and reiterated its commitment to continue counterterrorism operations under “Operation Ghazb-e-Haq.”
China conducts ballistic missile test in South Pacific nuclear-free zone
China has reportedly conducted a long-range ballistic missile test from a submarine in the South Pacific nuclear-free zone, drawing concern from regional countries including New Zealand and Australia, which described the move as harmful to regional stability.