Indian Nuclear Power Plant Hacked, Resulting in Data Leak
The ransomware group World Leaks has posted files related to India's Nuclear Power Plant in Kudankulam, including purported blueprints of ventilation and cooling systems for Units 3 and 4, a control room floor layout, supplier lists, and inspection records tied to Reliance Group, one of the plant's contractors. Reliance confirmed a "partial breach" on a server hosted by third-party provider Yotta, which noted suspicious activity on May 29. The Nuclear Power Corporation of India and CERT-In are investigating. The 19,000 sensitive files sit within a larger 858,000-file trove and, in the wrong hands, could help adversaries map support systems and identify weaknesses in the plant's security chain.
Reliance's role as a contractor meant sensitive plant documentation lived on infrastructure managed by a third-party data center — a common pattern across energy, defense, and industrial operators. Even with core reactor systems untouched, the exposure of vendor proposals, floor layouts, and inspection records materially raises risk. Compounding the problem, a Data Security Council of India survey found 73% of Indian organizations were unaware whether they had ever been attacked, and 57% lack basic cyber-hygiene — visibility gaps that let intrusions proceed unnoticed until data surfaces on a leak site.
Reducing this exposure requires visibility across contractor and hosted environments where sensitive data lives, not just the operator's own network. Effective controls include behavioral analytics on access to engineering documents, baselining of data movement between contractors and hosting providers, encryption of sensitive documentation, and packet-level capture with long retention for forensic scoping. Unified platforms like NIKSUN — consolidating all intelligence into a single data lake with AI-driven analytics and forensics — give critical infrastructure operators and their contractors the context needed to detect and prevent unauthorized access to sensitive info. Read more about this story on our LinkedIn page
We use cookies to offer you a better browsing experience and to analyze site traffic. By using our site, you consent to our use of cookies.
Essential Cookies
Site Analytics
Essential Cookies
These cookies are necessary for certain areas of the site to function. They are used for access to secure areas of the website and to help us comply with legal requirements like GDPR.
Site Analytics
These cookies are used to collect information about how users use our site. We use these to improve how our website works.