Article may be outdated

This article is 3 days old. Some details may have changed since publication.

Crude Oil Prices Today | OilPrice.com·4 min read·hard

Critical Data For India’s Largest Nuclear Plant Exposed In Massive Breach

A
Alex Kimani
Critical Data For India’s Largest Nuclear Plant Exposed In Massive Breach
AI Summary

A cybercriminal group known as World Leaks has leaked 19,000 sensitive files from India's Kudankulam Nuclear Power Plant following a breach at a third-party data center. While core reactor systems remain secure, experts warn the data could be used to target supply chain vulnerabilities.

A massive data breach has exposed approximately 19,000 highly sensitive files related to the Kudankulam Nuclear Power Plant KKNPP on the dark web. The documents mainly involve Units 3 and 4 of the 2,400 MW plant, both still under construction and slated to become operational by 2027. The data breach occurred on a server managed by third-party data center provider Yotta, which detected suspicious activity on a server belonging to Reliance Infrastructure, a subsidiary of India's Reliance Group. World Leaks formerly Hunters International, a cybercriminal group that focuses on stealing sensitive data and extorting victims, published the cache after demands for money were ignored. The Nuclear Power Corporation of India NPCIL and the country's central cybersecurity agency, CERT-In, are currently investigating the incident, noting that the documents do not appear to impact the core nuclear reactor systems, which are separately engineered by Russia's state-owned Rosatom. However, security researchers from the Nuclear Threat Initiative NTI have warned that bad actors could exploit this data to map out support systems, identify vendor vulnerabilities and target critical links in the plant's supply chain. Government bodies and Prime Minister Narendra Modi's office have declined to comment publicly on the matter. The KKNPP data breach is the second cyber incident linked to the nuclear plant. In 2019, the facility experienced a malware infection on its administrative network, with the plant's operational controls and instrumentation systems completely isolated and "air-gapped" from the administrative network and the internet. It's also the second attack by World Leaks on an Indian company. Last month, a massive data breach hit Tata Electronics, an Indian manufacturer and critical supplier for Apple and Tesla. World Leaks published over 630 GB of stolen data, including unreleased iPhone 18 Pro supply chain details, component maps, and proprietary Tesla files, reportedly following an ignored ransom demand. The group allegedly demanded a $1.5 million ransom, though Tata Electronics has not publicly addressed the specific financial demands. Tata Electronics confirmed the cybersecurity incident but stated that manufacturing operations and business systems remained unaffected. The Indian government and Apple have launched forensic investigations into the extent of the intellectual property exposure.By Alex Kimani for Oilprice.com

Continue reading on Headlinne

Create a free account to read the full article.

Read full article →
technologyworldbusiness

Get the full story

Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.

Create free account

Already have an account? Sign in