New Delhi, July 15,2026: A ransomware group has allegedly published thousands of files on the dark web related to India’s largest nuclear power plant, raising fresh concerns over cybersecurity and the protection of critical infrastructure.
According to a Reuters report, the ransomware group World Leaks claimed to have released a large cache of files connected to the Kudankulam Nuclear Power Plant in the southern state of Tamil Nadu, including purported facility blueprints, supplier information and project documents that it said originated from India’s Reliance Group.
The Kudankulam Nuclear Power Plant is India’s largest nuclear facility and a key component of Prime Minister Narendra Modi’s plans to significantly expand the country’s nuclear energy capacity.
Reliance Group, headed by businessman Anil Ambani and one of the project’s contractors, acknowledged that there had been a “partial breach” involving data stored on a server hosted by Indian data centre provider Yotta.
In a statement, the company said the incident had been reported to the government but did not specify what information had been compromised.
Reuters reported that it reviewed documents dated between 2016 and mid-2025 but could not independently verify their authenticity.
The leaked material reportedly includes engineering blueprints for ventilation and cooling systems used in Units 3 and 4 of the plant, supplier lists, inspection records, equipment reviews, insurance documents and what appeared to be the floor layout of a common control room.
The files are said to be part of approximately 858,000 documents allegedly stolen from Reliance, with around 19,000 identified as potentially sensitive.
Reliance Infrastructure, a subsidiary of Reliance Group, secured a contract in 2018 to design and build infrastructure for Kudankulam’s Units 3 and 4, which remain under construction and are expected to become operational by 2027 with a combined generating capacity of 2,000 megawatts.
Cybersecurity experts warned that if authentic, the leaked information could present significant security risks.
Nickolas Roth, Senior Director at the Nuclear Threat Initiative, said such information could potentially enable malicious actors to identify suppliers, map support systems and exploit vulnerabilities in the facility’s security chain.
India’s Nuclear Power Corporation, which operates the country’s nuclear plants, has reportedly been coordinating with Reliance regarding the incident, while the Indian Computer Emergency Response Team (CERT-In) is investigating the alleged breach.
Neither the Nuclear Power Corporation nor India’s Department of Atomic Energy publicly commented on the matter.
Yotta said it detected suspicious activity on a server used by Reliance Infrastructure on May 29 and immediately blocked the attempted ransomware attack. However, the company said Reliance later informed it that external threat actors were claiming to possess stolen data.
The data centre operator added that it had been unable to independently verify the hackers’ claims but had shared the findings of its technical investigation with Reliance and was cooperating with the ongoing inquiry.
According to Reuters, the leaked documents do not appear to involve the nuclear reactors’ core systems, which are supplied by Russia’s state-owned nuclear corporation Rosatom.
World Leaks, which has previously claimed cyberattacks targeting multinational companies including Nike and India’s Tata Group, has not publicly responded to questions regarding the alleged Reliance breach.
The incident has renewed concerns over cybersecurity in India, where cyberattacks have become increasingly frequent. According to cybersecurity firm Surfshark, India recorded approximately 28.9 million compromised accounts last year, ranking third globally behind the United States and France.
The Kudankulam Nuclear Power Plant has previously faced cybersecurity concerns. In 2019, malware linked to a North Korean hacking group was detected on the facility’s administrative network, although Indian authorities said operational systems remained unaffected.




