The breach involves a cache of approximately 19,000 files released on the dark web, allegedly pulled from a larger repository of 858,000 documents belonging to Reliance Group. The files center on Units 3 and 4 of the Kudankulam facility, which are currently under construction with an expected 2027 operational date. Reliance Group confirmed a partial breach occurred on a server managed by data center provider Yotta, noting that suspicious activity was detected on May 29.
While the documents do not include sensitive reactor designs provided by Russia’s Rosatom, they contain detailed engineering blueprints for ventilation and cooling systems, control room layouts, and vendor proposals. Cybersecurity experts, including Nickolas Roth of the Nuclear Threat Initiative, warn that such data provides a roadmap for adversaries to identify vulnerabilities in support systems and supply chains. India’s Computer Emergency Response Team (CERT-In) is currently investigating the incident alongside the Nuclear Power Corporation of India.
This event underscores a growing trend where cybercriminals target the broader infrastructure ecosystem rather than heavily fortified operational networks. The incident follows a 2019 breach at the same plant involving North Korean-linked malware, highlighting the persistent challenge of securing third-party contractors as India scales its nuclear energy capacity. With 28.9 million compromised accounts recorded nationwide last year, the Kudankulam leak serves as a stark reminder of the risks inherent in digital project management for strategic national assets.





Comments (0)
No comments yet. Be the first!