Advertisement
X

Ransomware Group Reportedly Leaks Kudankulam Nuclear Plant Blueprints

The compromised files concern the Kudankulam Nuclear Power Plant in Tamil Nadu one of the biggest of the seven nuclear stations in India

Ransomware Group Reportedly Leaks Kudankulam Nuclear Plant Blueprints
Summary
  • Ransomware group World Leaks posted 19,000 sensitive files belonging to Anil Ambani's Reliance Group on the dark web.

  • The leaked data contains blueprints for the ventilation, cooling systems, and floor layouts of Kudankulam Nuclear Power Plant's Unit 3 and Unit 4.

  • Reliance Group confirmed a partial data breach on a server hosted by third-party data centre service provider Yotta.

According to a report by Reuters, hackers have targeted India's nuclear infrastructure with ransomware group World Leaks uploading 19,000 highly sensitive files to the dark web, asserting the data belongs to Anil Ambani's Reliance Group. The leaked documents, accessible only through a specialized browser, represent the most critical portion of 858,000 total files stolen from the conglomerate.

The compromised files concern the Kudankulam Nuclear Power Plant in Tamil Nadu one of the biggest of the seven nuclear stations in India. The facility remains key to the plans of Prime Minister Narendra Modi to boost the atomic power output of the country.

Anil Ambani's Reliance Group confirmed the incident. The conglomerate admitted to a "partial breach" of its data on a server managed by Yotta, an Indian third-party data centre service provider, in a statement to Reuters. The firm added that it has alerted the government but did not disclose what data had been breached.

The leak could compromise the safety of the facility as "serious" dangers now threaten the site, Niklas Roth said. The Nuclear Threat Initiative, where Roth serves as a senior director, counsels governments and evaluates national nuclear safety readiness.

Blueprints and Infrastructure

Reliance Infrastructure, a subsidiary of the conglomerate, secured a deal in 2018 to construct and design facilities for Unit 3 and Unit 4 of the Nuclear Reactor with work on both units still ongoing. They are scheduled to start operations by 2027 and are expected to deliver a total of 2,000 MW of power.

The core reactor systems, delivered by Russia's state-owned Rosatom, do not appear in the leaked documents, the report stated. Instead, the files reportedly expose blueprints for the cooling and ventilation networks of Unit 3 and Unit 4.

According to the report, the files contain vendor bids, an approved supplier list and records of a 2024 joint inspection by the Nuclear Power Corporation of India (NPCIL) and Reliance, including equipment photographs. Another document indicates Reliance Infrastructure and NPCIL secured an insurance policy. This policy would pay out $112mn if terrorism affected Unit 3 or Unit 4. Security analysts warned that hostile actors could use this data to map auxiliary networks, identify contractors and find vulnerabilities.

Advertisement

Timeline of Breach

Yotta observed unusual activity on May 29 on a server hosting Reliance Infrastructure data, the company stated. Technicians cut off the connection immediately to block the suspected ransomware attack. Reliance Infrastructure then contacted Yotta in late June regarding data breach claims by outside hackers.

The data centre firm added that it could not confirm the assertions made by the hackers. However, Yotta has provided its in-depth technical analysis to Reliance Infrastructure and continues to assist with the active investigation.

World Leaks did not answer questions from Reuters about the Reliance incident. The syndicate usually publishes stolen corporate files online when victims refuse to pay extortion demands. It has previously hit Nike and Tata Group. In June, the gang reported to Reuters that it demanded $1.5mn to keep Tata Group files private. Those documents held proprietary component designs for Apple and Tesla. The hackers leaked the data after Tata ignored the demand.

Advertisement

NPCIL has been in contact with Reliance regarding the security incident and The Indian Computer Emergency Response Team (CERT-In) is currently investigating the matter, a source familiar with the situation told India Today.

India-Russia Partnership

The Kudankulam Nuclear Power Plant is a flagship project built in strategic partnership with Russia with it providing core reactor designs as well as multiple key equipments. Moreover an enterprise of the Rosatom, Novosibirsk Chemical Concentrates Plant, holds long term contracts to supply nuclear fuel to the plant.

The plant is one of the best examples of Indo-Russian partnership in work with the two operational reactors providing 2000 MW of electricity to the Indian grid with a planned expansion to 6000 MW underway.

The reported cyber attack has certainly cast shadows over India’s nuclear power ambitions as security of such key institutions is paramount for a successful nuclear program.

Advertisement

Though the attack has reportedly not leaked files relating to the plant’s core where Russian equipment is primarily utilised.  

Published At:
US