A view of the Kudankulam Nuclear Power Plant, in Tirunelveli district, Tamil Nadu. File

| Photo Credit: The Hindu

The story so far: On Tuesday (July 15, 2026), reports broke out that multiple gigabytes of data pertaining to operations at the Kudankulam Nuclear Power Plant had been copied and subsequently leaked as part of a ransomware attack. Newswire agency Reuters reported that the breach was part of an infiltration into Reliance Anil Dhirubhai Ambani Group’s Reliance Infrastructure Ltd, and contained 14.3 GB of data on the power plant’s operations.The data has been hosted on World Leaks, which is a Dark Web site hosted by cybercriminals who infect vulnerable firms with ransomware, threatening to leak the data if the ransom is not paid. The site claimed that the ransom was indeed not paid, and so it leaked the data. The Hindu opened the site and reviewed the index of files, which amount overall to 1.2TB, a slice of which pertained to the Kudankulam plant.Was the reactor affected by the data leak?“The files do not pertain to the core reactor’s operations, which are the most sensitive in a nuclear setup,” Nuclear Power Corporation of India Limited (NPCIL) said in a statement. “NPCIL reiterates that the information claimed to be available in the public domain pertains only to conventional Balance of Plant (BOP) common service facilities and does not relate to any nuclear safety, or nuclear security-related systems or information,” it said in a statement.A spokesperson for the Reliance Group told The Hindu that it “was informed by Yotta Data Services Private Limited (Yotta), its third-party data centre service provider, of a cybersecurity incident involving an attempted ransomware attack that resulted in a partial breach of data hosted on one of Yotta’s servers,” and that “Yotta has confirmed that enhanced security monitoring and preventive controls are now in place. The Company has directed Yotta to conduct a detailed investigation and submit a report.”“No ransomware execution, data loss or lateral movement occurred,” Reliance said in a stock exchange filing. The files reportedly include multiple drawings of “blueprints and supplier details, meeting and inspection records, equipment reviews,” and a $112 million insurance policy against terrorist attacks, though it is unclear what the premium amount for this insured sum is.What did Yotta say about the cyber incident?Yotta, which runs data centres across the country, characterised Reliance as its “customer’s private cloud environment,” but said it took steps to address the infiltration as it was detected on May 29.“Yotta’s managed endpoint security controls detected suspicious activity on a file server of our customer, Reliance Infrastructure,” the company said in a statement to The Hindu. “We acted immediately: the suspicious process was terminated, and the affected server was isolated, preventing the suspected ransomware from executing. Our technical assessment confirmed no evidence of ransomware encryption and no lateral movement to any other server or system within the customer’s private cloud environment. The incident was limited to this single customer-managed server, with no impact on any other Yotta customer or on Yotta’s shared cloud platforms, AI cloud infrastructure, datacentre infrastructure or other services.”Why does the Kudankulam data leak matter?The revelations have sparked “absolute commotion” among top officials at the power plant, even as they downplay the impact of the findings.The plant has commissioned two 1,000 Mwe VVER reactors, allowing for a power supply of up to two gigawatts. The reactors are built in partnership with the Russian firm Rosatom, and the government is planning four more such units, which would triple the installed power production capacity at the facility.. Published - July 16, 2026 01:54 pm IST