858,000 Files and Confidential Blueprints: Inside Data Breach at India's Largest Nuclear Plant in Tamil Nadu's Kudankulam
Reliance Group has acknowledged a partial data breach involving a server hosted by Yotta, while a ransomware group claims to have published thousands of potentially sensitive files linked to India's largest nuclear power plant.
- Tech News
- 5 min read
A massive alleged data breach involving Anil Ambani's Reliance Group has raised cybersecurity concerns after ransomware group World Leaks published what it claims are hundreds of thousands of stolen files, including potentially sensitive documents related to India's largest nuclear power facility, the Kudankulam Nuclear Power Plant in Tamil Nadu.
World Leaks has claimed to possess around 858,000 files belonging to Reliance, of which approximately 19,000 appeared to contain potentially sensitive information connected to the Kudankulam project. The documents, reportedly dating from 2016 to mid-2025, allegedly include blueprints, supplier information, meeting and inspection records, equipment reviews and insurance documents. The authenticity of the leaked documents, however, could not be independently verified.
Reliance Confirms Partial Data Breach
Reliance Group has acknowledged that a partial breach of its data took place on a server hosted by third-party Indian data centre provider Yotta. The company said the government had been informed about the incident but did not disclose exactly what information had been compromised.
Yotta, meanwhile, said it detected suspicious activity on May 29 involving a server belonging to Reliance Infrastructure. According to the company, the activity was immediately terminated and the suspected execution of ransomware was prevented.
Yotta said Reliance Infrastructure subsequently informed it in late June about claims of a data breach made by external threat actors. The data centre provider said it had been unable to independently verify the claims but had shared the findings of its technical investigation with Reliance Infrastructure and was supporting the ongoing probe.
India's main cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), is reportedly examining the incident. The Nuclear Power Corporation of India, which operates India's nuclear power plants, is also understood to have been communicating with Reliance about the breach.
Why Kudankulam Documents Were With Reliance
Reliance Infrastructure is involved in the expansion of the Kudankulam Nuclear Power Plant. The company won a contract in 2018 to design and construct infrastructure associated with Units 3 and 4 of the facility. The two units remain under construction and are expected to provide a combined generation capacity of 2,000MW once operational.
This involvement potentially explains why documents connected to the nuclear facility were reportedly present among the Reliance data allegedly obtained by World Leaks. The leaked files do not appear to concern the nuclear reactors' core systems, which are supplied by Russia's state-owned Rosatom.
However, some of the purported documents reportedly contain blueprints for ventilation and cooling systems associated with Units 3 and 4, along with what appears to be the complete floor layout of a common control room.
Supplier Details and Inspection Records Allegedly Leaked
The alleged leak extends beyond engineering drawings. The files reportedly include vendor proposals, lists of approved suppliers and records of meetings involving Reliance and the Nuclear Power Corporation of India.
One purported record from 2024 reportedly concerns a joint inspection conducted by the two organisations and includes photographs of equipment.
Another document allegedly details an insurance policy covering Reliance Infrastructure and the Nuclear Power Corporation of India that could provide $112 million in coverage if either Unit 3 or Unit 4 were affected by an act of terrorism.
While such documents may not provide access to the nuclear facility's core operational systems, cybersecurity and nuclear security experts have warned that information about supporting infrastructure and suppliers could still prove valuable to malicious actors.
The concern is that attackers could potentially combine information from multiple documents to understand how supporting systems are structured, identify companies involved in the project and look for weaker points elsewhere in the supply chain.
World Leaks Has Targeted Indian Companies Before
World Leaks is a known ransomware group that typically publishes corporate information allegedly stolen from organisations that refuse to meet its ransom demands. The group has previously claimed attacks involving major companies, including India's Tata Group.
In June, World Leaks claimed it had demanded a ransom of $1.5 million over stolen Tata files that allegedly included confidential component designs connected to clients such as Apple and Tesla. The group claimed it subsequently published the information after its demand was ignored.
World Leaks has not publicly provided further clarification about the alleged Reliance breach.
Second Cybersecurity Scare Linked to Kudankulam
The latest incident is particularly significant because it is not the first time Kudankulam has been associated with a cybersecurity scare. In 2019, malware linked to a North Korean hacking group was detected on the administrative network associated with the nuclear facility.
At the time, the Nuclear Power Corporation of India said the incident had been investigated and maintained that the plant's critical operational systems were not affected.
The circumstances surrounding the latest incident are different. There is currently no indication that World Leaks directly breached Kudankulam's computer systems. Instead, the alleged data appears to have originated from Reliance Infrastructure, one of the contractors involved with the project.
The distinction is important, but the incident highlights a wider cybersecurity challenge facing critical infrastructure. Even when the core networks of a nuclear facility are protected, contractors, suppliers, cloud infrastructure providers and other third parties can potentially become alternative targets for attackers seeking sensitive information.
As India pushes ahead with plans to significantly expand its nuclear energy capacity, the alleged Reliance breach could intensify scrutiny of cybersecurity standards not only at nuclear facilities themselves but across the extensive network of private companies and technology providers involved in building and maintaining them.
Published By : Shubham Verma
Published On: 15 July 2026 at 17:55 IST