
While Reliance ADAG independently confirmed a partial data breach, sources aware of the matter told businessline that the files have been floating on the dark web for a couple of weeks.
Ransomware group World Leaks recently released files relating to multiple infrastructure projects of Anil Ambani’s Reliance Group (Reliance ADAG) in India, most prominently the country’s largest nuclear power plant, Kudankulam Nuclear Power Plant, sources told businessline.
The leaked data included blueprints and engineering details of parts of the Kudankulam facilities and supplier details. Beyond this, businessline confirmed exposed data of other projects across India such as the Sasan Coal Mine project, metro Mumbai Line 4, the Bihar-Jharkhand road project, the Pokharan Solar project, the Krishnapatnam thermal project and many others. While the company did not confirm details on the breached data, it described the ransomware attack as “unsuccessful.”
Partial data breach
While Reliance ADAG independently confirmed a partial data breach, sources aware of the matter told businessline that the files have been floating on the dark web for a couple of weeks.
“A cyber security incident of an unsuccessful ransomware attack resulting in a partial breach of the company’s data hosted on one of the servers of a third-party data centre’s storage system (Yotta Data Services) has been reported. No ransomware execution, data loss or lateral movement occurred. The services were restored successfully. The incident has not impacted the core systems and operations of the Company,” said Reliance ADAG in a stock exchange disclosure on July 7.
In a response, Yotta, which provides third party data centre services to Reliance Infrastructure stated they detected and managed endpoint security controls on May 29, against suspicious activity on a server hosted for Reliance Infrastructure. “We acted immediately: the suspicious process was terminated, and the affected server was isolated, preventing the suspected ransomware from executing,” said a Yotta spokesperson. Reliance Infrastructure directed Yotta to investigate the matter, while Yotta confirmed the enhanced measures were in place. For now, the incident has been reported to CERT-In.
The nuclear power plant based in the Tirunelveli district of Tamil Nadu, comprises six units, each with a 1,000 MWe capacity. Two of these units are at different stages of construction, while two units are operational, having cumulatively generated about 130 billion units of electricity by May 2026. The other two other units, 3 and 4, are at an advanced stage of construction. As per media reports, Reliance Infrastructure, a subsidiary of Reliance ADAG, won a contract in 2018 to design and build infrastructure for these two units.
The alleged leaked documents from the data breach provide information on blueprints, supplier details, meeting and inspection records, equipment reviews and insurance policies from 2016 to mid-2025. However, none of the documents expose the nuclear reactors’ core systems.
Responding to the news on the data breach regarding the Kudankulam project, Nuclear Power Corporation of India (NPCIL) in an official statement said, “The information claimed to be available in the public domain pertains only to conventional Balance of Plant (BoP) common service facilities and does not relate to any nuclear safety or nuclear security-related systems or information.”
“Critical infrastructure environments generally operate with multiple layers of cyber and operational safeguards, and it is important not to equate a reported data exposure with an impact on operational or safety-critical systems. The incident nevertheless highlights the importance of maintaining strong cybersecurity practices across the entire critical infrastructure ecosystem, including third parties and supporting systems,” said Vaibhav Koul, Managing Director, Protiviti Member Firm for India.
With inputs from Avinash Nair
Published on July 15, 2026
