A ransomware group has published more than 200,000 files it claims to have stolen from one of Apple’s most important manufacturing partners in India. The company at the centre of the breach has confirmed an incident took place. It says its operations have not been affected. But the material now circulating on the dark web tells a story that goes far beyond the company itself.
Tata Electronics is an Indian manufacturing giant founded in 2020. It is a key part of Apple’s effort to build more of its products outside China. India now produces roughly 26 per cent of the world’s iPhones. Tata Electronics is responsible for around a third of that output. The company also became an official supplier to Tesla in 2025. It makes semiconductor chips, circuit board parts used in battery systems and components for motor controls and door mechanisms for the electric vehicle maker.
The ransomware group behind the publication calls itself World Leaks. It posted what it described as stolen Tata Electronics data on its dark web site on the 12th of June. The dark web is a part of the internet that cannot be reached through ordinary search engines. World Leaks claimed the dataset contained more than 204,000 files totalling over 630 gigabytes of data.
A review of samples of the material suggested the files included Apple supplier specifications and Tesla manufacturing documents. Reporters from Reuters and TechCrunch both examined portions of what was posted. Neither was able to confirm the authenticity of every file. Reuters found what appeared to be at least 16 folders of documents linked to the chip company TSMC and 23 more linked to Qualcomm. Both supply components used in iPhones. The posted material also appeared to include employee passports, operational records and event logs spanning several years.
Tata Electronics confirmed the incident in a statement. The company said it had identified a cybersecurity incident on some of its systems a few weeks before the publication. It said its response protocols were activated immediately. It said there had been no impact on its operations. It declined to say which systems had been accessed, whether data was stolen, how many clients or individuals were affected or whether the files published by World Leaks were genuine.
According to reports, Tata received a ransom demand connected to the breach. This is standard practice for ransomware groups. They typically break into a company’s systems, copy files, demand payment and then publish the data if the demand is not met. World Leaks follows this model. It previously claimed responsibility for a similar attack on Nike earlier this year.
The response inside Tata Electronics has been swift and significant. The company hired a global consulting firm to carry out a full forensic audit of what happened and what was accessed. It notified the Indian government. It informed its clients. It also introduced a new set of internal security controls across all its facilities and offices.
Those controls are meaningful. Remote access to sensitive internal systems, including the platforms used to manage purchase orders, has been restricted to a much smaller group of employees than before. Work from home remains permitted. But the ability to connect to critical internal platforms from outside company premises has been significantly reduced. One source familiar with the situation told Reuters that Tata Electronics had hardened access to its sensitive internal systems while the investigation continued.
Apple is also involved. The company’s own security team is working with Tata Electronics on both immediate responses and longer term measures. Apple has not commented publicly beyond confirming it is investigating.
The breach carries implications beyond the two companies involved. If the leaked material is genuine, it could expose closely guarded product designs, manufacturing processes and operational details belonging to some of the world’s most valuable technology businesses. The fact that TSMC and Qualcomm documents may also be caught up in the breach suggests the reach of the incident may extend further than Tata’s direct clients.
The incident also comes at an uncomfortable time for the Tata group more broadly. Last year, the group’s British vehicle unit Jaguar Land Rover suffered a separate cyberattack that shut down production for six weeks. More recently, Tata Electronics has been under scrutiny in India over environmental concerns. The pollution control board in Tamil Nadu issued a warning to the company’s Hosur plant over claims that liquid discharged from the facility had affected farmland and caused health problems among local residents.
None of that scrutiny changes the central importance of Tata Electronics to Apple’s manufacturing strategy. India’s role in global iPhone production has grown quickly. Apple needs that expansion to continue. A significant data breach at its most important Indian partner is not a small setback. It raises questions about how well the confidential information of the world’s largest technology companies can be protected as their manufacturing operations grow more spread out and more complex.
