An algorithm is developed to construct unobservable attacks for an AC state estimator (SE). It is shown that unobservability of the attack, in the absence of noise, is guaranteed when the attacker exploits its local network knowledge to perform AC SE locally than the simpler DC SE often assumed in the literature. Finally, the consequences of such an unobservable attack are highlighted via a scenario in which the physical system is changed due to false data injection.