

CHENNAI/BENGALURU: Ringing alarm bells in India, especially in the national security and nuclear establishments, 19,000 files related to the Kudankulam Nuclear Power Project (KKNPP) in south Tamil Nadu, the largest such facility in the country, was posted on the dark web by a notorious ransomware group.
Reacting to the development, the Nuclear Power Corporation of India Ltd (NPCIL) said no drawings, data or information related to nuclear safety or nuclear security systems had been compromised.
The leaked documents allegedly include blueprints and suppliers, said leading news agency Reuters which first reported the matter, adding that the ransomware group, World Leaks, claimed that the information was part of the more than 8.50 lakh documents that it obtained through hacking the Reliance Anil Ambani group.
The company, which is one of the contractors of the plant, told the news agency that there was a partial data breach from a third-party service provider that it has engaged, and added that the Indian government has been kept in the loop.
According to media reports, the documents that World Leaks leaked and published include information about the ventilation and cooling systems used in Units 3 and 4 of the nuclear power plant, which are being built by the Anil Ambani Group firm, Reliance Infrastructure.
While details like the extent, threat, and the players involved in the leak is not yet clear, the information about nuclear power plants being leaked itself is a serious enough threat for the Computer Emergency Response Team India (CERT-In), the country’s premier cybersecurity agency, to step in to investigate.
Meanwhile, the NPCIL clarified that the alleged leak of drawings and data related to Units 3 and 4 do not involve any nuclear safety or nuclear security systems.
In a statement, NPCIL said the engineering, procurement and construction works done by Reliance Infrastructure covers only the commissioning of common service facilities, which are conventional in nature and similar to those used in thermal power plants and other process industries.
These facilities are not connected to nuclear safety or nuclear security systems, it said.