It is reported that thousands of highly confidential files related to the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu have been leaked on the dark web.
This massive security breach was caused by a ransomware attack targeting Anil Ambani's Reliance Group, a major contractor involved in constructing new reactor units at the nuclear plant.
The Data Leak and Hackers
- Those Behind It: A prominent ransomware syndicate known as "World Leaks" is behind this cyberattack.
- Leaked Files: Out of 858,000 files stolen from the Reliance Group by hackers, more than 19,000 highly confidential documents (approximately 14.3 GB of data) were found to be directly related to the Kudankulam Nuclear Power Plant.
- Content: The leaked documents include blueprints of support facilities at the plant, ventilation and cooling system designs, floor plans of the common control room, supplier details, equipment reviews, and an insurance policy covering potential terrorist attacks.
How Did the Incident Occur?
- Server Security: This data was stored on servers provided by Yotta Data Services, a leading third-party data centre provider in India.
- Timeline: Yotta first detected unusual activity on the server and blocked the security threat on May 29. However, by late June, Reliance Infrastructure confirmed that historical data had been compromised by hackers.
- Official Confirmation: Reliance Group officially confirmed a "partial breach" of data and reported the matter to the Central Government.
Security Concerns and Responses
The Nuclear Power Corporation of India Limited (NPCIL) clarified that this data leak has not affected the core nuclear safety systems of the plant. The main control systems, supplied by Russia's Rosatom, operate on an isolated network that is not connected to the internet. The leaked information pertains instead to general auxiliary services (Balance of Plant).
Nevertheless, experts from the Nuclear Threat Initiative warn that the exposure of this information poses a significant security risk. It is assessed that adversaries could use these documents to understand the physical structure of the plant and identify potential security vulnerabilities.
India's official cybersecurity agency, CERT-In, is conducting a detailed investigation into the incident in coordination with NPCIL. This is the second major cyberattack targeting Kudankulam, following a North Korean malware infection on its administrative network in 2019.


.png)
The opinions posted here do not belong to 🔰www.indiansdaily.com. The author is solely responsible for the opinions.
As per the IT policy of the Central Government, insults against an individual, community, religion or country, defamatory and inflammatory remarks, obscene and vulgar language are punishable offenses. Legal action will be taken for such expressions of opinion.