SBS News

News > World

19,000 Confidential Files, Including Blueprints for India's Largest Nuclear Plant, Leaked on Dark Web

Sim Yeong-gu

Published : Jul 17, 2026 2:31 PM


▲ Kudankulam Nuclear Power Plant located in southern India

It has been revealed that 19,000 confidential files, including blueprints for India's largest nuclear power plant, have been hacked and leaked on the dark web.

According to Reuters on July 17 (local time), a hacking group known as World Leaks hacked 858,000 files from Reliance Group, which participated in the construction of India's largest nuclear plant, the Kudankulam Nuclear Power Plant, and began uploading them to the dark web last month.

The dark web is a network of websites that exists on an encrypted network, allowing users to access it without leaving traces. It is not indexed by standard search engines and can only be accessed through specific pathways.

Among the leaked files, 19,000 were identified as confidential. These reportedly include what appear to be blueprints for the ventilation and cooling systems of units 3 and 4 of the Kudankulam plant, which Reliance Infrastructure was contracted to build in 2018, as well as the overall floor plan for the common control room.

The files also contain documents that appear to be supplier proposals, lists of approved vendors, and records of joint inspection meetings between the Nuclear Power Corporation of India and Reliance.

However, Reuters reported that the leaked data does not appear to contain information related to the core reactor systems supplied by the Russian state-owned nuclear corporation Rosatom.

Reuters added that it could not independently verify the authenticity of the leaked data.

The Kudankulam Nuclear Power Plant, located in the southern Indian state of Tamil Nadu, is the largest of India's seven nuclear power plants.

It plays a central role in the nuclear power capacity expansion plan promoted by Indian Prime Minister Narendra Modi.

Reliance Group explained to Reuters that some of its data stored on the servers of Yotta, an Indian data center service provider, had been partially leaked and that the incident had been reported to the government.

Nicholas Ross, a director at the U.S.-based think tank Nuclear Threat Initiative (NTI), expressed concern, stating, "(A nuclear data leak) could show hostile actors who has access to nuclear projects and what systems that access extends to."

According to Surfshark, a cybersecurity company based in the Netherlands, India has the third-highest number of data breaches in the world, following the United States and France.

This is the second cybersecurity incident involving the Kudankulam Nuclear Power Plant.

In 2019, malicious software (malware) linked to a North Korean hacking group was discovered on the plant's administrative network.

At the time, the Nuclear Power Corporation of India launched an immediate investigation but stated that the malware did not affect the power generation systems.

World Leaks is a well-known ransomware group that steals corporate information and demands payment; if the demand is refused, they release the data on their own site on the dark web.

Last month, the group stole 200,000 files from the network of the Indian company Tata Electronics, including component design data for clients such as Apple and Tesla, and demanded 1.5 million dollars (approximately 2.22 billion KRW). When the demand was refused, they released the related information on the dark web.

(Photo: Capture from Indian broadcaster NDTV, Yonhap News)