A massive data breach has exposed approximately 19,000 highly sensitive files related to the Kudankulam Nuclear Power Plant (KKNPP) on the dark web. The documents mainly involve Units 3 and 4 of the 2,400 MW plant, both still under construction and slated to become operational by 2027.
The data breach occurred on a server managed by third-party data center provider Yotta, which detected suspicious activity on a server belonging to Reliance Infrastructure, a subsidiary of India’s Reliance Group. World Leaks (formerly Hunters International), a cybercriminal group that focuses on stealing sensitive data and extorting victims, published the cache after demands for money were ignored.
The Nuclear Power Corporation of India (NPCIL) and the country’s central cybersecurity agency, CERT-In, are currently investigating the incident, noting that the documents do not appear to impact the core nuclear reactor systems, which are separately engineered by Russia’s state-owned Rosatom.
However, security researchers from the Nuclear Threat Initiative (NTI) have warned that bad actors could exploit this data to map out support systems, identify vendor vulnerabilities and target critical links in the plant’s supply chain. Government bodies and Prime Minister Narendra Modi’s office have declined to comment publicly on the matter.
The KKNPP data breach is the second cyber incident linked to the nuclear plant. In 2019, the facility experienced a malware infection on its administrative network, with the plant’s operational controls and instrumentation systems completely isolated and “air-gapped” from the administrative network and the internet.
It’s also the second attack by World Leaks on an Indian company.
Last month, a massive data breach hit Tata Electronics, an Indian manufacturer and critical supplier for Apple and Tesla. World Leaks published over 630 GB of stolen data, including unreleased iPhone 18 Pro supply chain details, component maps, and proprietary Tesla files, reportedly following an ignored ransom demand. The group allegedly demanded a $1.5 million ransom, though Tata Electronics has not publicly addressed the specific financial demands.
Tata Electronics confirmed the cybersecurity incident but stated that manufacturing operations and business systems remained unaffected. The Indian government and Apple have launched forensic investigations into the extent of the intellectual property exposure.
By Alex Kimani for Oilprice.com
More Top Reads From Oilprice.com
- Brent Futures Flip to Backwardation as Middle East Supply Risks Return
- U.S. Gasoline Prices Could Hit $4 Per Gallon Within Days
- Utility-Scale Solar Costs Rise 18% but Remain Cheapest Power Source










