Kudankulam nuclear plant files on the dark web: Inside the alleged data leak
Practice PYQs on this topic
500+ questions on Science & Tech with explanations
๐ Summary:
-
For more than a month, a large cache of files purportedly linked to the Kudankulam Nuclear Power Plant has been available on the dark web, leaked by the ransomware group World Leaks
-
The data is purportedly linked to the Anil Ambani-led Reliance Group, whose subsidiary Reliance Infrastructure Ltd was awarded the Engineering, Procurement and Construction (EPC) contract in 2018 for the plant's non-nuclear common service facilities, known as the Balance of Plant (BoP)
-
Scale: the leaked dataset accessed by The Indian Express includes 14.3 GB and 18,997 files related to the plant โ part of a much larger cache of 1.2 terabytes containing over 858,000 files purportedly linked to the Reliance Group
-
Contents: searching the dataset for "KKNP" retrieves inspection records, engineering design files for plant facilities, minutes of meetings, and correspondence between Reliance Infrastructure and the Nuclear Power Corporation of India Ltd (NPCIL) on project execution and construction. Folders include "NPCIL KKNPP Tender Documents", "KKNP Financials & Invoice Backup", "KKNP Reactor Building Tender", "KKNPP Project Status Working Sheet", "Site Images" and "KKNP โ Compliance Documents"
-
Caveat on authenticity: The Indian Express could not independently verify the documents. Several bear official stamps and signatures, but such markings alone do not establish that every document is authentic or that the entire dataset originated from the claimed source
-
Company and vendor response: a Reliance Group spokesperson said there had been a "partial breach" of its data on a server hosted by third-party data centre provider Yotta, and that the government was informed. Yotta told Reuters it noted suspicious activity on May 29 on a server it hosts belonging to Reliance Infrastructure; the activity was immediately terminated and the suspected ransomware execution prevented
-
Official clarification on safety: NPCIL, the state-owned plant operator, said the leaked information does not pertain to any nuclear safety or security systems, and that the compromised data relates only to the conventional Balance of Plant common service facilities
-
About the plant: located in Tirunelveli district of Tamil Nadu, Kudankulam consists of six units of Pressurised Water Reactors of VVER design, established in technical collaboration with Russia. Units 1 and 2 are operational; Units 3 and 4 are under construction and due to be operational by 2027; the remaining two are at different stages
-
Precedent: this is not the first cyber incident at Kudankulam โ in 2019, malware tied to a North Korea-linked hacker group was detected at the plant
๐ฏ UPSC Relevance: GS3 โ Internal Security (cyber security of critical infrastructure, third-party/vendor risk, ransomware) and Science & Technology (nuclear energy programme). Highlights that critical infrastructure risk now extends to contractors and cloud vendors, not only the operator.
๐ Prelims Facts:
-
Kudankulam Nuclear Power Plant is in Tirunelveli district, Tamil Nadu; six units of Pressurised Water Reactors of VVER design, built in technical collaboration with Russia
-
Units 1 and 2 are operational; Units 3 and 4 are due to be operational by 2027
-
Operator: Nuclear Power Corporation of India Ltd (NPCIL)
-
Reliance Infrastructure Ltd won the EPC contract in 2018 for the Balance of Plant (BoP) โ non-nuclear common service facilities
-
Leak attributed to ransomware group World Leaks; 14.3 GB / 18,997 KKNPP files within a 1.2 TB cache of 858,000+ files; server hosted by Yotta, suspicious activity noted May 29
-
A 2019 malware attack at Kudankulam was tied to a North Korea-linked hacker group
๐ Key Term: Balance of Plant (BoP) โ The auxiliary and common service systems of a power plant that lie outside the reactor island itself โ such as water systems, electrical switchyards and civil structures. Being non-nuclear, BoP work is routinely contracted out, which widens the cyber attack surface.
UPSC Classification
See PYQs related to โScience & Techโ
Every classification tag above links to actual UPSC questions asked on that topic โ with answer, explanation and elimination logic. Only in the app.