Rò rỉ dữ liệu nghiêm trọng tại nhà máy hạt nhân lớn nhất Ấn Độ






Major Data Breach Exposes 19,000 Sensitive Documents of India's Largest Nuclear Plant on Dark Web


Major Data Breach Exposes 19,000 Sensitive Documents of India's Largest Nuclear Plant on Dark Web

A significant data breach has exposed approximately 19,000 sensitive documents related to the Kudankulam Nuclear Power Plant (KKNPP) on the dark web, raising serious concerns about India's energy and national security. The documents primarily concern Units 3 and 4 of the 2,400 MW plant, which are currently under construction and scheduled to become operational by 2027.



Details of the Data Breach

According to sources, the data breach occurred on a server managed by Yotta, a third-party data center provider. Yotta detected suspicious activity on a server owned by Reliance Infrastructure, a subsidiary of India's Reliance Group. The World Leaks hacking group (formerly known as Hunters International), which specializes in stealing sensitive data and extortion, published this collection of documents after their financial demands were ignored.



Information About the Kudankulam Nuclear Power Plant

The Kudankulam Nuclear Power Plant, located in Tamil Nadu, India, is one of the largest nuclear power facilities in the country. Units 3 and 4 are currently under construction with a total capacity of 2,400 MW and are expected to be completed by 2027. The leaked documents are believed to contain detailed information about the design, operation, and security of these units.



ParameterDescription
Plant NameKudankulam Nuclear Power Plant (KKNPP)
LocationTamil Nadu, India
Capacity2,400 MW (Units 3 and 4)
StatusUnder Construction
Expected Operational Date2027

Indian Authorities' Response

The Nuclear Power Corporation of India (NPCIL) and the country's central cybersecurity agency, CERT-In, are currently investigating the incident. These authorities have stated that the leaked documents do not appear to affect the core nuclear reactor systems, which are separately designed by Rosatom, Russia's state-owned company.



However, security researchers from the Nuclear Threat Initiative (NTI) have warned that malicious actors could exploit this data to map support systems, identify vendor vulnerabilities, and target critical links in the plant's supply chain.



The World Leaks Hacker Group

World Leaks, formerly operating as Hunters International, is a cybercrime group specializing in stealing sensitive data and extorting victims. This is the second time the group has targeted an Indian company. The Kudankulam data breach is part of their increasingly aggressive activities targeting critical infrastructure and large corporations.



History of Previous Attacks

The Kudankulam data breach is the second cybersecurity incident related to this nuclear power plant. In 2019, the facility experienced malware infection on its administrative network, with control systems and measuring equipment operating systems completely isolated and "air-gapped" from the administrative network and the internet.



Comparison with the Tata Electronics Breach

Last month, a major data breach targeted Tata Electronics, a crucial manufacturer and supplier for Apple and Tesla in India. World Leaks published over 630 GB of stolen data, including details of the yet-to-be-announced iPhone 18 Pro supply chain, component diagrams, and Tesla's proprietary documents, reportedly after their ransom demands were ignored.



ParameterKudankulam BreachTata Electronics Breach
VictimKudankulam Nuclear Power PlantTata Electronics
Data Stolen~19,000 documents~630 GB of data
Potential ImpactNational energy securityIntellectual property, trade secrets
Ransom DemandNot disclosed$1.5 million
ResponseInvestigation by NPCIL and CERT-InTata Electronics confirmed but said manufacturing operations unaffected

Tata Electronics confirmed the cybersecurity incident but stated that manufacturing operations and business systems remained unaffected. The Indian government and Apple have initiated forensic investigations to determine the extent of intellectual property exposure.



Conclusion and Outlook

The Kudankulam data breach highlights the growing risks to critical infrastructure in the face of increasingly sophisticated cyberattacks. While Indian government officials and the office of Prime Minister Narendra Modi have declined to comment publicly on the matter, the incident will undoubtedly spur discussions on enhancing cybersecurity for the country's vital energy facilities.



As investigating agencies continue to work to fully assess the impact of the breach, cybersecurity experts emphasize the importance of implementing multi-layered security measures and continuous monitoring to protect critical infrastructure assets from growing cyber threats.



The fact that major Indian companies are increasingly becoming targets of cybercrime groups like World Leaks demonstrates the urgent need to enhance cybersecurity capabilities and foster closer collaboration between the private sector and government to address the growing cyber threat landscape.



— By Alex Kimani for Oilprice.com —