State-owned Korea Hydro & Nuclear Power Co. said the two-day drills are meant to prepare workers in the event of hacking attacks aimed at disabling the plants' controlling systems.
The company and the energy ministry said that even though the controlling system is safe from hacking, they are holding the exercises to assure public safety.
Last week, documents including layouts of nuclear facilities and personal information of nuclear workers were published online. Local media said the unidentified user who posted images of the stolen nuclear documents imprinted with "WHO AM I?" on a South Korean blog were hackers. The company said the documents were not confidential and that the safety of the nuclear power plants was not affected.
A Korea Hydro official said investigators were still looking into whether the data were stolen by hackers who breached into its computer systems or if they were leaked by employees. Speaking on condition of anonymity because the person was not authorized to speak about the matter, the official said the company had not yet determined how the documents were leaked.
But Hauri Inc., an anti-virus company based in Seoul, said it alerted the company earlier this month after detecting malicious computer codes that were attached in emails to the nuclear company's employees. The company said investigators were looking into those emails to see whether they were connected to the stolen data.
On Sunday, a user on Twitter demanded a halt to operations at three nuclear power plants. The user, who wrote in Korean, threatened to disclose more data and carry out another attack if the request was not met by Christmas.
The leaked documents from the nuclear power company dominated headlines of South Korean media. The scare comes amid international attention of the hacking of Sony Pictures, which the United States has blamed on North Korea.
There is, however, no evidence yet that Pyongyang is behind the purported hacking threat against the nuclear plants. Yonhap News reported that investigators are casting a wide net, looking at hackers who have previously used the phrase "WHO AM I?" as well as others who have used a similar tactic in the past.