World Leaks claims it stole confidential data linked to the Kudankulam Nuclear Power Plant after breaching Reliance Group’s internal network, a contractor for the project.
Recently, Reuters reported that the World Leaks hacker group had released a large cache of files on the dark web that it claimed were connected to the Kudankulam Nuclear Power Plant. The group attributed the stolen database to Reliance Group, claiming that it contained confidential information, including facility-related blueprints and supplier details.
The Kudankulam Nuclear Power Plant is India’s largest nuclear power station, located in Kudankulam, Tirunelveli district, Tamil Nadu. The plant is operated by the Nuclear Power Corporation of India Limited (NPCIL) and was developed through a collaboration between India and Russia. The facility is a key part of India’s nuclear energy programme, supporting energy security and reducing dependence on fossil fuels.
Acknowledging the claims made by the hacker group, Indian businessman Anil Ambani’s Reliance Group, one of the plant’s contractors, stated in a media release that there had been a “partial breach” of its data on a server hosted by third-party Indian data centre service provider Yotta. While the company did not disclose details about the nature of the compromised data, it said that the Indian government had been notified of the breach and that relevant law enforcement authorities would conduct the necessary investigation.
Cyber security researcher Rakesh Krishnan, after analysing the threat actor’s dark web post, revealed that around 19,000 files, collectively amounting to 14.3 gigabytes, have been circulating online since June 11. The files reportedly appear under the search term “KKNP,” an acronym associated with the nuclear plant.
Reuters reviewed the documents, dated from 2016 to mid-2025, but could not independently verify their authenticity. The 19,000 files, reportedly containing sensitive blueprints, supplier details, inspection records, equipment reviews and insurance documents, were among the most critical of the 858,000 Reliance files published on the World Leaks website.
World Leaks is a cyber extortion group that emerged as a rebrand of the former ransomware operation Hunters International. Since rebranding, World Leaks has claimed responsibility for over 100 breaches worldwide.
