Kudankulam Nuclear Plant: Kudankulam nuclear plant data breached, NPCIL says core systems untouched | India News
NEW DELHI: Nuclear Power Corporation of India Ltd, which is leading construction and operation of reactors at the Kudankulam nuclear plant, as well as Anil Ambani’s Reliance Group, whose arm Reliance Infra was involved with building infrastructure at two units, Wednesday said its core systems were untouched by a “cyber security incident”, after well-known ransomware group World Leaks posted a huge cache of files related to the plant on the dark web and claimed data breach.NPCIL and Russia’s Rosatom are jointly developing the 6,000-MW Tamil Nadu-based nuclear plant. While units 1 and 2 are operational, units 3, 4, 5, and 6 are under various stages of construction and commissioning. Reliance Infra was involved in designing and building infrastructure for the plant’s unit 3 and unit 4 in 2018.

The nuclear plant, located in Tamil Nadu, is the largest of India’s nuclear plants.
Files are not related to nuclear safety, security: NPCIL
In response to a TOI query, a Reliance Group spokesperson said, “The company was informed by Yotta Data Services Private Limited (Yotta), its third-party data centre service provider, of a cybersecurity incident involving an attempted ransomware attack that resulted in partial breach of data hosted on one of Yotta’s servers. Yotta has informed the company that the suspicious process was identified and terminated immediately, and the incident was contained and also that no ransomware execution, data loss, or lateral movement occurred, and services were restored.”The spokesperson further said, “Yotta has confirmed that enhanced security monitoring and preventive controls are now in place. The company has directed Yotta to conduct a detailed investigation and submit a report. The incident has been reported to CERT-In, and disclosure has been made to the Stock Exchanges under Regulation 30 of the SEBI (LODR) Regulations, 2015. The company will take further steps as legally advised..”When asked about alleged claims that 19,000 of the 8.6 lakh Reliance files put on the World Leaks website appeared to be most sensitive, NPCIL executive director (CP&CC) Prateek Agrawal told TOI, “They (files) are not related to nuclear safety or nuclear security systems. Like thermal power plants, tenders are issued for common services. Such common services are not associated with the core systems of the nuclear plant.”Later, in a statement, NPCIL said the engineering, procurement and construction contract for the common services awarded to R-Infra are of conventional nature and are typically found in thermal power plants as well as other process industries.The release further said, “As part of the public tendering process, NPCIL provided indicative drawings and technical specifications to the bidders. Based on these inputs and the requirements of the project, EPC contractor, Reliance Infrastructure Ltd, prepared detailed engineering drawings in consultation with the respective original equipment manufacturers (OEMs). The designs proposed by Reliance Infra, meeting technical specifications, are accepted by NPCIL after review.”NPCIL reiterated that “the information claimed to be available in the public domain pertains only to conventional balance of plant common service facilities and does not relate to any nuclear safety or nuclear security-related systems or information”.