New Delhi, July 2026 — India’s largest nuclear power installation has been hit by a massive data breach, exposing sensitive files on the dark web,. What was once considered an impenetrable fortress of national security is now at the center of an aggressive cyber investigation after a ransomware syndicate successfully struck a third-party contractor,.
The Contractor Loophole For all its high-tech security, the Kudankulam Nuclear Power Plant (KKNPP) was compromised through a weaker link in its supply chain,. Reliance Infrastructure, the engineering firm contracted to manage documentation for the plant’s ongoing expansion of Units 3 and 4, became the entry point for hackers,.
A cybercriminal group known as “World Leaks” infiltrated Reliance’s networks, exfiltrating roughly 850,000 files,. Out of this massive digital haul, 19,000 files totaling 14.3 GB were directly tied to the Kudankulam nuclear facility,.
Blueprints on the Dark Web While the plant’s core Operational Technology (OT)—the isolated systems that actually control the nuclear reactors—remains untouched and safe, the stolen data is highly critical,. The leak includes:
- Engineering drawings and structural blueprints,
- Detailed ventilation and cooling network layouts,
- Internal floor plans and common control room designs
- Approved supplier lists and vendor credentials
Experts warn that even without reactor control codes, leaking a facility’s structural architecture gives hostile actors a literal map of its physical and systemic vulnerabilities.
The Mechanics of Data Extortion The breach was executed as a ransomware attack, a malicious digital kidnapping where hackers encrypt data and demand a payout,. Modern syndicates like World Leaks rely on double extortion: they threaten to permanently publish sensitive information on the dark web—the internet’s illicit underbelly—even if the target manages to restore their own systems,.
A Repeated Warning This is not Kudankulam’s first brush with cyber warfare. In 2019, the facility’s IT network was infected by the “DTrack” malware, linked to North Korean-backed actors,. This latest breach confirms that critical infrastructure remains heavily exposed through corporate partners.
Currently, the Indian Computer Emergency Response Team (CERT-In) is spearheading a federal investigation into how the contractor’s defenses failed,. Reliance Infrastructure has acknowledged a partial data breach.
Bottom Line The Kudankulam incident exposes a glaring reality in national defense: a nuclear plant is only as secure as the private contractors it hires. While the reactors keep running, the blueprints of India’s energy future are now out in the open,.