NEW DELHI: Union Science minister Jitendra Singh on Thursday dismissed reports claiming that sensitive files related to the Kudankulam Nuclear Power Plant (KKNPP) had been leaked, asserting that there had been no breach of nuclear safety or security-related data.His remarks came a day after the Nuclear Power Corporation of India Limited (NPCIL) clarified that the leaked documents were linked only to the engineering, procurement and construction (EPC) contract for the plant’s conventional Balance of Plant (BoP) package, following reports that ransomware group World Leaks had accessed thousands of files.Speaking about the alleged data breach, Singh said no sensitive information had been compromised and there was no immediate need for a review as the incident had nothing to do with nuclear safety or the nuclear facility, PTI reported.His remarks followed reports that the ransomware group World Leaks had allegedly accessed more than 19,000 files linked to the Kudankulam Nuclear Power Plant, including engineering documents, vendor details and meeting records dating from 2016 to mid-2025, according to Reuters. However, NPCIL said the leaked information related only to the EPC contract for common service facilities under the Balance of Plant package.“The scope of the contract includes engineering, procurement/supply, construction and commissioning of common service facilities. These facilities are of conventional nature and are typically found in thermal power plants as well as other process industries,” NPCIL said in a statement.The corporation reiterated that the documents ‘do not relate to any nuclear safety or nuclear security-related systems or information.’The contract for the Balance of Plant package was awarded to Reliance Infrastructure Limited in 2018 through a public tender.The Kudankulam Nuclear Power Plant in Tamil Nadu comprises six Russian-designed VVER pressurised water reactors developed in collaboration with Russia. Units 1 and 2 are operational, while Units 3 and 4 are under construction and are expected to begin operations by 2027.The reports of the alleged breach emerged after ransomware group World Leaks claimed it had obtained thousands of files linked to the project. According to reports, the documents included engineering blueprints for cooling, ventilation and control systems, supplier and vendor information, operational records and meeting documents.Cybersecurity experts have warned that while there is no indication reactor systems were compromised, such information could still be useful to hostile actors targeting associated infrastructure or contractors.India’s Computer Emergency Response Team (CERT-In) and NPCIL are investigating the incident. Reliance Group has acknowledged a partial data breach involving a server hosted by third-party data centre provider Yotta and said the government has been informed.(with inputs from PTI)
