The Nuclear Power Corporation of India Limited (NPCIL) has assured the public that the alleged leak of documents related to the Kudankulam Nuclear Power Project (KKNPP) has not affected any nuclear safety or nuclear security systems. The clarification came after reports claimed that thousands of project-related files had surfaced on the dark web following a cyberattack targeting a third-party contractor.
According to reports, the leaked files include engineering drawings and technical documents associated with Units 3 and 4 of the Kudankulam Nuclear Power Project. The ransomware group known as World Leaks reportedly published around 19,000 files allegedly obtained through a cyber breach involving a third-party service provider connected to one of the project’s contractors.
NPCIL clarified that the compromised information relates only to the Balance of Plant (BoP) facilities, which include conventional infrastructure such as ventilation, cooling and common service systems. These facilities are similar to those found in thermal power plants and are completely separate from the nuclear reactor’s safety and security systems, the corporation said.
The corporation further stated that the engineering, procurement and construction work handled by the contractor covers only conventional facilities and does not provide access to critical nuclear operations. NPCIL stressed that the reactor control systems, nuclear security infrastructure and other sensitive operational networks remain fully protected and uncompromised.
Following the reports, India’s cybersecurity agencies are expected to examine the incident to determine the extent of the data breach and strengthen cyber defences around strategic infrastructure. The contractor involved has acknowledged a limited cyber incident affecting a third-party data centre provider and said the relevant government authorities have been informed.
The Kudankulam Nuclear Power Project, located in Tamil Nadu’s Tirunelveli district, is India’s largest nuclear power station and is being developed in collaboration with Russia’s Rosatom. While the reported data leak has raised concerns about cybersecurity, NPCIL has reiterated that there is no threat to nuclear safety, plant operations or national nuclear security, assuring that the country’s critical nuclear infrastructure continues to operate safely and securely.



