NPCIL confirmed that malware was found on a Kudankulam Nuclear Power Plant administrative-network PC after CERT-In reported the issue on September 4, 2019. The affected user machine was on an Internet-connected administrative network that NPCIL said was isolated from critical internal plant systems, and the excerpt does not confirm whether data was stolen. Ars Technica links the incident to Dtrack reporting by Kaspersky, noting that Dtrack had appeared in attacks on financial and research centers and shared code elements with malware attributed to Lazarus. The source also notes ATMDtrack's use against ATM networks in India, making the case relevant to tracking suspected North Korean tooling beyond financial-sector targets.