NEW DELHI: A ransomware group known as World Leaks has allegedly published a large volume of sensitive data on the dark web related to Kudankulam Nuclear Power Plant, India’s largest nuclear power facility, according to a report by Reuters.
The leaked material reportedly includes documents associated with the plant’s infrastructure, supplier information, engineering records, inspection reports, and insurance documents. The hacking group claims the data was obtained through a breach involving the Reliance Group, which has worked on infrastructure projects at the nuclear facility.
According to Reuters, Kudankulam Nuclear Power Plant, located in the southern state of Tamil Nadu, is the largest of India’s seven nuclear power stations and is a key component of Prime Minister Narendra Modi’s plans to expand the country’s nuclear energy capacity.
The project for Units 3 and 4 was awarded in 2018 to Reliance Infrastructure, a subsidiary of the Reliance Group led by businessman Anil Ambani.
In a statement to Reuters, Reliance acknowledged that there had been a partial intrusion into its data stored on servers operated by data center provider Yotta. The company said it had informed the Indian government about the incident but did not specify which data had been compromised.
Reuters reported that World Leaks has published approximately 858,000 files, of which around 19,000 appear to be highly sensitive, according to an assessment cited in the report.
The leaked documents reportedly do not appear to include information relating to the core reactor systems. However, they are said to contain engineering drawings of ventilation and cooling systems, a control room layout, supplier proposals, approved vendor lists, records of joint inspections conducted in 2024 by the Nuclear Power Corporation of India Limited (NPCIL) and Reliance, as well as photographs of equipment.
One of the reported documents also references an insurance policy jointly held by Reliance Infrastructure and NPCIL, providing coverage of up to $112 million in the event that Units 3 or 4 are damaged in a terrorist attack.
Cybersecurity experts have warned that even if reactor control systems are not exposed, the release of supporting infrastructure data could present significant security risks.
Nicholas Roth, Senior Director at the Nuclear Threat Initiative (NTI), told Reuters that such information could help malicious actors map auxiliary systems, identify suppliers, and analyze potential security vulnerabilities.
“This type of data not only shows who has access to the project, but also indicates which systems could potentially be reached through that access,” Roth said.
World Leaks is a ransomware group previously linked to cyberattacks targeting major organizations, including Nike and India’s Tata Group. According to Reuters, the group typically demands ransom payments and publishes stolen data on its dark web website if victims refuse to pay.
Reuters also noted that World Leaks claimed in June that it had demanded $1.5 million from Tata Group in exchange for files allegedly containing confidential designs linked to clients such as Apple and Tesla. The group said the files were later released after the ransom demand was rejected.
According to cybersecurity company Surfshark, India ranks third globally in terms of reported data leak incidents.
The reported breach has raised concerns among cybersecurity specialists about the protection of sensitive infrastructure information and the growing threat posed by ransomware attacks targeting critical national assets. While there is no indication that the nuclear reactors’ operational control systems were compromised, experts stress that exposure of engineering, logistical, and supplier data can still pose serious security risks.



