Skydagger — skydagger.com

Massive Data Breach Exposes Blueprints of India's Largest Nuclear Plant

A massive data breach has exposed sensitive blueprints and operational files belonging to India's largest nuclear power plant. Hackers leaked thousands of documents tied to a Reliance Infrastructure server, raising severe security concerns for the Kudankulam atomic facility.

July 15, 2026 Ahmet Koçak

Cover Image

Kudankulam Nuclear Power Plant in Tamil Nadu, November 24, 2016 - WikiMedia

A prominent ransomware syndicate has leaked a massive cache of highly sensitive internal documents detailing the infrastructure of India’s largest nuclear power facility.

The dark web data dump exposes critical blueprints and supplier networks tied to the Kudankulam Nuclear Power Plant in Tamil Nadu.

The breach originated from a third-party server hosting data for Reliance Infrastructure, a primary contractor for the atomic facility.

The ransomware collective known as World Leaks published approximately 19,000 highly sensitive files from a broader cache of 858,000 documents attributed to the Reliance Group. The leaked materials span from 2016 to mid-2025.

Among the compromised files are detailed blueprints for ventilation and cooling systems, alongside complete floor layouts for a common control room.

While the exposed documents do not map the reactor core systems, supplied by Russia's Rosatom, they outline vital support mechanisms.

The leak includes vendor proposals, approved supplier lists, and recent joint inspection records, complete with photographs of the equipment.

Cyber Vulnerabilities Exposed

Security experts warn that the breach presents a severe operational hazard to the nuclear site.

Nickolas Roth, a senior director at the Nuclear Threat Initiative, noted the documents could "show an adversary not just who has access to the project but which systems that access reaches."

Reliance Group confirmed a "partial breach" of its data housed by Yotta, an Indian data center provider.

Yotta reported intercepting suspicious activity on a Reliance Infrastructure server in late May, claiming to have halted a suspected ransomware execution.

Despite this intervention, threat actors successfully exfiltrated vast amounts of project data.

Indian authorities, including the Indian Computer Emergency Response Team (CERT-In), have launched an investigation.

Strategic Atomic Expansion

The compromised files primarily pertain to the plant's Units 3 and 4 facilities. Reliance Infrastructure secured the contract to design and construct these segments in 2018.

Both units are slated to generate a combined 2,000 megawatts of power and are expected to become operational by 2027.

The Kudankulam facility remains central to Prime Minister Narendra Modi’s strategic push to rapidly expand India's atomic energy output.

The breach also revealed that Reliance Infrastructure and the Nuclear Power Corporation held a $112 million insurance policy guarding against potential acts of terrorism at the two units.

This latest infiltration highlights systemic vulnerabilities across the country's digital infrastructure.

India ranked third globally for data breaches last year, with nearly 29 million compromised accounts.

The Kudankulam facility previously suffered a digital infiltration in 2019 when malware linked to North Korean hackers breached the plant's administrative network.

Massive Data Breach Exposes Blueprints of India's Largest Nuclear Plant