A ransomware group known as World Leaks posts on the dark web nearly 19,000 files it alleges are linked to India’s Kudankulam nuclear power plant, one of the country’s largest facilities in Tamil Nadu. The documents are dated from 2016 to mid-2025 and, according to reports that review the files, include items such as ventilation and cooling blueprints for Units 3 and 4 (currently under construction), supplier information, meeting records, equipment inspection reports, and insurance documents. Reuters, as cited by multiple outlets, reviews the materials but says it cannot independently verify their authenticity. The Nuclear Power Corporation of India is coordinating with contractor Reliance Group, while India’s CERT-In is examining the incident. Reliance Group says it experienced a “partial breach” involving data stored on a server hosted by third-party data centre provider Yotta and that the government has been informed, without detailing what information was compromised. Yotta says it detected suspicious activity on May 29 on a Reliance Infrastructure server, terminated it, and prevented suspected ransomware from executing, but later learned of claims by external threat actors. Yotta says it cannot verify the claims and is assisting with the investigation. The files do not appear to include reactor core systems supplied by Russia’s Rosatom.