Breach nghiêm hiểm: Dữ liệu nhà máy hạt nhân lớn nhất Ấn Độ bị lộ

Major Data Breach at India's Largest Nuclear Power Plant Exposes Sensitive Information

A significant data breach has compromised approximately 19,000 sensitive documents related to the Kudankulam Nuclear Power Plant (KKNPP) on the dark web. The leaked documents primarily pertain to Units 3 and 4 of the 2,400 MW facility, which are still under construction and scheduled for operational status by 2027.



Comprehensive Overview of the Data Breach

The data breach occurred on a server managed by Yotta, a third-party data center provider. Yotta detected suspicious activity on a server owned by Reliance Infrastructure, a subsidiary of India's Reliance Group. The criminal network World Leaks (formerly known as Hunters International), which specializes in stealing sensitive data and extorting victims, published this dataset after their financial demands were unmet.



Key Details of the Data Breach
Number of Documents CompromisedApproximately 19,000 sensitive documents
Breach LocationDark web
Affected Service ProviderReliance Infrastructure (via Yotta)
Responsible OrganizationWorld Leaks (Hunters International)
Plant Units AffectedUnits 3 and 4 (under construction)

Background on the Kudankulam Nuclear Power Plant

The Kudankulam Nuclear Power Plant, located in Tamil Nadu, India, stands as one of the country's largest nuclear power installations. Units 1 and 2 are already operational, while Units 3 and 4 are currently under construction with a combined capacity of 2,400 MW, expected to be completed by 2027.



The Nuclear Power Corporation of India Limited (NPCIL) and the Indian Computer Emergency Response Team (CERT-In) are currently investigating the incident. These agencies have indicated that the compromised documents do not appear to affect the core nuclear reactor systems, which are specifically designed by Rosatom, Russia's state nuclear corporation.



Potential Implications of the Data Breach

However, security researchers from the Nuclear Threat Initiative (NTI) have warned that malicious actors could exploit this data to map out support systems, identify vulnerabilities in suppliers, and target critical links in the plant's supply chain.



Potential Threats from Compromised Data
ApplicationMapping support systems
ApplicationIdentifying supplier vulnerabilities
ApplicationTargeting supply chain links
Not AffectedCore nuclear reactor systems

Government agencies and offices of Prime Minister Narendra Modi have declined to comment publicly on the matter.



Historical Context of Cybersecurity Incidents

The KKNPP data breach marks the second cyber incident related to this nuclear facility. In 2019, the facility experienced malware infection on its administrative network, with the plant's control systems and measurement equipment being completely isolated from the administrative network and the internet.



Furthermore, this represents World Leaks' second attack on an Indian company. Last month, a massive data breach targeted Tata Electronics, a key manufacturer and supplier for Apple and Tesla. World Leaks published over 630 GB of stolen data, including details about the unreleased iPhone 18 Pro supply chain, component diagrams, and proprietary Tesla documents, following an ignored ransom demand.