MUMBAI (Diya TV) — A senior official at India’s state-run nuclear power operator says a recent data breach linked to the Kudankulam Nuclear Power Plant did not affect the facility’s nuclear safety or security. The statement comes after reports that a ransomware group posted files tied to the plant on the dark web, raising fresh questions about cybersecurity at critical infrastructure sites.

Rajesh V, the acting chairman and managing director of the Nuclear Power Corporation of India Limited, or NPCIL, said the leaked information involved only common service systems. He stressed that those systems have no link to the plant’s nuclear operations or security controls.

“These pertain to the common service balance of plant systems that have no connection with nuclear safety and security,” Rajesh V told NDTV.

NPCIL is the government-owned company responsible for building and operating India’s commercial nuclear power plants. The agency oversees the country’s civilian nuclear power network, including the Kudankulam Nuclear Power Plant in Tamil Nadu.

Reuters reported earlier that World Leaks, a ransomware group, posted files connected to the Kudankulam facility on the dark web. According to the report, the leaked material included what appeared to be blueprints of some plant facilities, supplier information, inspection records, and equipment reviews. However, Reuters said it could not independently verify the authenticity of the documents.

Even so, the report noted that the leaked files did not appear to involve the nuclear reactor’s core systems. Russia’s state-owned Rosatom supplied those systems for the plant.

Kudankulam is India’s largest nuclear power plant. The facility has a planned total generating capacity of 6,000 megawatts. It plays a major role in supporting the country’s growing electricity demand.

Meanwhile, one of the plant’s contractors acknowledged that a “partial breach” affected server data hosted at a third-party data center in India. However, the contractor did not disclose what specific information hackers accessed during the incident.

The breach has sparked debate among cybersecurity experts. Nikolas Roth, a senior director at the Nuclear Threat Initiative, said the incident could create a serious safety concern. He warned that sensitive information about critical infrastructure could increase security risks, even if hackers did not gain access to operational control systems.

However, NPCIL continues to maintain that the incident does not threaten the plant’s safe operation. The company says the compromised systems remain separate from the nuclear facility’s critical safety infrastructure. As a result, officials insist the breach did not affect reactor operations or nuclear security.

Cybersecurity experts often warn that ransomware attacks have become more common across industries. In many cases, hackers steal company data before demanding payment. If victims refuse to pay, the attackers may publish the stolen information online to increase pressure.

World Leaks follows that approach. The ransomware group has built a reputation for posting stolen corporate data on its website after failed ransom negotiations. Access to its website requires a specialized browser commonly used to reach hidden parts of the internet.

This is not the first cybersecurity incident linked to the Kudankulam plant. In 2019, NPCIL reported that it found malware on one computer at the facility. At that time, the company said the malicious software did not affect the plant’s operational systems. Officials also emphasized that the nuclear reactors and safety systems remained secure throughout the incident.