World Leaks Ransomware Group Publishes Kudankulam Nuclear Plant Files
World Leaks published 19,000 files from a contractor for India's Kudankulam Nuclear Power Plant, though officials claim no core nuclear safety systems were compromised.
The ransomware group World Leaks published approximately 19,000 files totaling 14.3GB on the dark web, originating from India's Kudankulam Nuclear Power Plant. The stolen data, dated from 2016 to mid-2025, includes engineering blueprints for ventilation and cooling systems, common control room floor layouts, supplier lists, and a $112 million terrorism-related insurance policy for Units 3 and 4.
Investigation reveals the breach occurred via a server hosted by Yotta Data Services Private Limited, used by Reliance Infrastructure, an Engineering, Procurement and Construction contractor awarded a contract in 2018 for non-nuclear systems. Yotta reported detecting suspicious activity and attempting to prevent ransomware execution on May 29, 2026. Reliance Infrastructure subsequently confirmed a partial breach and notified the government.
The Nuclear Power Corporation of India Limited (NPCIL) and Minister of State for Atomic Energy Jitendra Singh have denied that nuclear safety or security information was compromised. They clarified that the leaked documents pertain only to conventional Balance of Plant common service facilities, similar to those found in thermal power plants, and do not include core reactor designs supplied by Russia's Rosatom.
While the Indian Computer Emergency Response Team is investigating the incident, the Nuclear Threat Initiative and other security experts warned the breach could expose security weaknesses or facilitate supply-chain attacks. Tamil Nadu Congress president Manickam Tagore described the lapse as deeply shocking and called for an urgent investigation by the National Security Council Secretariat.