Back to Industry

Industry - Data Breach

moderateAnti-PrivacyData Breach

Executive Summary

A ransomware group called World Leaks posted nearly 19,000 files on the dark web related to India's Kudankulam Nuclear Power Plant, including purported blueprints and supplier details, following a data breach at contractor Reliance Group's third-party server. Reliance confirmed a "partial breach" and notified Indian authorities, while security experts warn the exposed information could pose serious safety risks to the facility. The breach highlights India's growing vulnerability to cyberattac...

What Happened

In July 2026, the ransomware group World Leaks published nearly 19,000 files on the dark web related to India's Kudankulam Nuclear Power Plant, the country's largest nuclear facility. The files, dated from 2016 to mid-2025, allegedly included blueprints, supplier details, meeting records, and equipment reviews originating from contractor Reliance Group. Reliance confirmed a partial breach of data stored on a third-party server operated by Indian data center provider Yotta and notified Indian government authorities including the Indian Computer Emergency Response Team.

Who Is Affected

The breach primarily affects Reliance Group and its subsidiary Reliance Infrastructure, which has contracts to build infrastructure for the plant's Units 3 and 4. Security experts warn the exposed information could pose serious safety risks to the Kudankulam facility itself, potentially affecting the surrounding population in Tamil Nadu state and India's broader nuclear energy infrastructure. The incident also impacts other Reliance clients whose data may have been compromised, as World Leaks claimed to have accessed a total of 858,000 Reliance files.

Why It Matters

This breach highlights critical vulnerabilities in the security of sensitive nuclear infrastructure data, with experts describing the potential safety risks as serious. The incident underscores India's growing exposure to ransomware attacks and reveals how critical national infrastructure contractors may be ill-equipped to protect highly sensitive information. The breach occurred at a third-party data center rather than directly at Reliance or the nuclear facility, demonstrating how supply chain vulnerabilities can expose even the most security-critical operations.

What You Should Do

If you are a contractor, supplier, or employee associated with Reliance Group or the Kudankulam project, contact Reliance and relevant authorities to determine if your personal or professional information was included in the breach. Organizations working with critical infrastructure should immediately audit their third-party data storage arrangements and verify that vendors meet appropriate security standards. All individuals and companies in India's energy sector should review their cybersecurity protocols, enable multi-factor authentication on all systems, and ensure regular security assessments of any third-party service providers handling sensitive data.

Summary generated from verified sources and reviewed before publication. How we summarize.

A ransomware group called World Leaks posted nearly 19,000 files on the dark... - Industry | PrivacyWire