scorecardresearch
Add as a preferred source on Google
Thursday, July 16, 2026
Support Our Journalism
HomeFeatures19,500 Kudankulam files leaked from Reliance are harmless, says NPCIL. They are...

19,500 Kudankulam files leaked from Reliance are harmless, says NPCIL. They are about pipes, roads

This is not the first cyber attack to target the Kudankulam nuclear power plant. In 2019, malware traced to South Korea had infected the IT network of the plant.

Follow Us :
Text Size:

New Delhi: The Nuclear Power Corporation of India on Thursday confirmed that data related to the Kudankulam nuclear plant had leaked online from Reliance Infrastructure servers. However, NPCIL clarified that the information did not pose any nuclear safety threat since it was not directly related to the core nuclear facility, but rather to the plant’s conventional infrastructure.

“NPCIL reiterates that the information claimed to be available in the public domain pertains only to the conventional Balance of Plant … and does not relate to any nuclear safety-related information,” said an NPCIL press release.

On Wednesday, Reuters reported in an exclusive that more than 19,500 files about the Kudankulam nuclear plant — India’s largest nuclear project — were available on the dark web, posted by a ransomware group called World Leaks. According to the group, the files were from the Reliance Group, and contained drawings and blueprints relating to the Kudankulam plant, situated in the Tirunelveli district of Tamil Nadu.

According to the Reuters report, the files had been available online since 11 June, and while Reuters reviewed all the documents, it could not independently verify their authenticity.

However, NPCIL’s statement on Thursday confirmed that the documents were indeed related to India’s largest nuclear power plant. Reliance Infrastructure was awarded a contract in 2018, through public tender, to build the Balance of Plant package of Kudankulam, said NPCIL.

“As part of the public tendering process, NPCIL provided indicative drawings and technical specifications to the bidders. Based on these inputs, the contractor Reliance Infra prepared detailed engineering drawings in consultation with OEMs,” read the NPCIL statement.

The Balance of Plant package is essentially all the systems in a nuclear power plant apart from the nuclear facility itself. It includes water supply systems, pipelines, pumps, roads, drainage, and other infrastructure needed to run a nuclear facility, excluding the main reactor, coolant and other critical nuclear systems.

According to NPCIL, these facilities are common to many industrial plants, including thermal power plants, and their disclosure does not directly pose a nuclear safety threat.

“Some systems in the BoP are essential, like cooling systems, and if detailed diagrams of your facility are exposed, it could pose multiple risks. Malicious actors could learn about the facility’s design, the suppliers they use, the site layout,” said Lokendra Sharma, staff research analyst at the Takshashila Institution. “These are all theoretical possibilities at this stage though, as it is a developing issue and NPCIL and affected parties have shared little information.”


Also read: Data breach linked to ‘Reliance’ exposed files on India’s biggest nuclear plant—Reuters report


How the leak happened

The ransomware group World Leaks is a global “extortion-as-a-service” platform, meaning it uses stolen confidential information to extort individuals or companies into paying a ransom. Most ransomware groups work on the same principle, but while some encrypt company files to disable access until payment, others, like World Leaks, threaten to publish sensitive information online to pressure victims into paying up.

Some of the most recent World Leaks attacks, apart from the breach involving Reliance, targeted a Brazilian manufacturing company, Nuclebrás Equipamentos Pesados, and a Canadian construction company, ITC Group.

“The first thing NCPIL should do, which it might be doing already, is audit the exposed sections of unit 3 and 4 and make necessary modifications. Even if it delays completion of the units, it is fine because plant security is important. NPCIL also needs to revisit the older operational units 1 and 2 to check if there are similar systems that might be potentially impacted as well,” said Sharma.

This is not the first cyber attack to target the Kudankulam nuclear power plant. In 2019, malware traced to South Korea had infected the IT network of the Kudankulam plant. While NPCIL confirmed that the infected computer was only used for administrative purposes and the nuclear safety was not compromised, the incident raised significant questions about the cybersecurity of India’s nuclear assets.

An issue brief by the Institute for Defence Studies and Analyses (IDSA) in December 2019 warned about the breach of critical infrastructure in the nuclear domain. Serious data breaches could lead to decline or destruction of plant operations, and even the release of radioactive material into the environment.

“Nuclear programmes and research facilities themselves are of great strategic value, and they are closely guarded – physically as well as otherwise,” read the report. “Not surprisingly, they are often found to be a prime target of espionage operations.”

(Edited by Janaki Pande)

Subscribe to our channels on YouTube, Telegram & WhatsApp

Support Our Journalism

India needs fair, non-hyphenated and questioning journalism, packed with on-ground reporting. ThePrint – with exceptional reporters, columnists and editors – is doing just that.

Sustaining this needs support from wonderful readers like you.

Whether you live in India or overseas, you can take a paid subscription by clicking here.

Support Our Journalism

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular