💥Join UPSC 2027,2028 Mentorship (July Batch) + XFactor Notes & Microthemes PDF

Cyber Security – CERTs, Policy, etc

Kudankulam Nuclear Plant Data Leak

Why in News?

A ransomware group allegedly accessed over 19,000 files related to the Kudankulam Nuclear Power Plant (KKNPP) through a contractor’s server, raising cybersecurity concerns.

Key Highlights

  • The breach reportedly involved engineering documents, vendor details and conventional plant infrastructure files dating from 2016 to 2025.
  • The leak originated from a third-party server (Yotta) used by the plant’s contractor.
  • NPCIL clarified that the leaked data relates only to conventional balance of plant facilities and does not involve nuclear safety or security systems.
  • Investigations are being carried out by the Nuclear Power Corporation of India Limited (NPCIL) and the Indian Computer Emergency Response Team (CERT-In).
  • This follows a similar cybersecurity incident in 2019, when malware affected the plant’s administrative network.

About Kudankulam Nuclear Power Plant (KKNPP)

  • Located in Tirunelveli district, Tamil Nadu.
  • Developed by NPCIL in collaboration with Russia’s Rosatom.
  • Uses VVER (Water-Water Energetic Reactor), a Pressurised Water Reactor (PWR) technology.
  • Two 1,000 MW reactors are operational, while four additional units are under construction.

Significance

  • Highlights the importance of cybersecurity for critical infrastructure.
  • Reinforces the need for secure third-party vendors and supply chains.
  • Emphasises regular cyber audits and protection of strategic infrastructure.

Prelims Pointer

  • NPCIL: Nuclear Power Corporation of India Limited.
  • CERT-In: Indian Computer Emergency Response Team. It functions under the Ministry of Electronics and Information Technology (MeitY)
  • VVER: Water-Water Energetic Reactor (Russian Pressurised Water Reactor).
  • Operator: NPCIL under the Department of Atomic Energy (DAE).

[2017] In India, it is legally mandatory for which of the following to report on cyber security incidents?
1.Service providers
2.Intermediaries
3.Corporate bodies
Select the correct answer using the code given below:

[A] .1 and 2 only

[B] .2 and 3 only

[C] 1 and 3 only

[D] 1, 2 and 3 only


Join the Community

Join us across Social Media platforms.