Stolen files about India's biggest nuclear power plant leaked
What's the story
A ransomware group named World Leaks has released a massive trove of stolen data on the dark web, claiming it includes blueprints of India's largest nuclear power plant, Kudankulam, as per Reuters. The hackers alleged that the data was obtained from Anil Ambani's Reliance Group, a contractor at the facility. The documents posted on World Leaks do not seem to pertain to the core systems of the nuclear reactors.
Breach confirmation
Reliance confirms partial breach of data
Reliance Group has confirmed a "partial breach" of its data on a server hosted by Yotta, a third-party Indian data center service provider.
The company has informed the government about the incident but did not disclose what specific data was compromised.
The Nuclear Power Corporation of India Limited (NPCIL) is in touch with Reliance regarding this breach and India's main cybersecurity agency, CERT-In, is investigating the matter.
Ransom demand
World Leaks previously targeted Tata Group
World Leaks has posted 19,000 files on its website, which are said to be the most sensitive among a total of 858,000 Reliance files.
The group usually publishes stolen corporate data after companies refuse to pay the demanded ransom.
In June, World Leaks had demanded $1.5 million from Tata Group for confidential component designs of Apple and Tesla clients but published the data after Tata "ignored" its demand.
Data contents
Documents include blueprints for ventilation and cooling systems
The documents posted on World Leaks include blueprints for the ventilation and cooling systems of Units 3 and 4 at Kudankulam.
They also contain a complete floor layout of a "common control room."
Other files include vendor proposals, a list of approved suppliers, and a record of a joint inspection by NPCIL and Reliance.
One document indicates an insurance policy entitling $112 million if either unit suffers an act of terrorism.
Security concerns
Data breach could pose serious risk to Kudankulam plant
Nickolas Roth, a Senior Director at the Nuclear Threat Initiative, has said that this data breach could pose a "serious" risk to the safety of the Kudankulam plant.
The leaked documents could potentially be used by adversaries to map support systems and identify suppliers and weaknesses in security chains.
India is among the top three countries affected by data breaches, with 28.9 million accounts compromised last year.