India's Tata Electronics hit by cyber breach claiming to expose Apple, Tesla trade secrets

NEW DELHI: Tata Electronics said on Monday it had detected a cybersecurity incident on some of its systems after researchers found that a ransomware group had posted purported Apple and Tesla component documents linked to the Indian manufacturer on the dark web.

Tata Electronics, which makes components for Apple and is emerging as one of the company’s key manufacturing partners outside China, said its response protocols were activated immediately after the incident was identified a few weeks ago.

The company said the incident had not affected its operations across businesses.

Security researchers told Reuters that World Leaks had posted more than 200,000 files linked to Tata Electronics on the dark web. The group’s website said the data dump totalled more than 630 gigabytes.

Reuters said it could not immediately verify the authenticity of the data and could not immediately reach World Leaks for comment.

A source familiar with the matter said Apple was investigating the breach and that a full analysis was under way. The source also said Tata had received a ransom demand linked to the incident.

Apple did not respond to requests for comment, while Tata Electronics declined to comment on the ransom demand.

The Indian Computer Emergency Response Team, a unit under India’s IT ministry that oversees cyber incidents, did not immediately respond to Reuters’ request for comment.

The breach comes as Tata expands its role in Apple’s India supply chain. Tata currently accounts for roughly one-third of Apple’s iPhone production in India, while Foxconn produces the rest.

The incident is another challenge for Apple’s supply chain in India, where Tata has also faced scrutiny over alleged contamination of farmlands near one of its iPhone parts plants, Reuters reported.

Tata was also hit by a cyberattack last year at its British Jaguar Land Rover group, which led to a six-week halt in output.

World Leaks, which has previously claimed responsibility for a Nike breach, said on its dark web page that it was publishing stolen Tata Electronics data.

The database on the World Leaks website included several purported Apple files and folders, including some titled “com.apple.factorydata”, along with documents referring to material specifications.

Indian cybersecurity researcher Rajshekhar Rajaharia, who reviewed the files for Reuters, said the data also included emails, event logs covering several years and passport copies of employees, including foreign nationals.

A second security researcher, Rakesh Krishnan, said the data dump had been accessible on the dark web since at least June 10.

Industry sources said Tata also manufactures parts for Tesla.

One folder in the World Leaks database was labelled “NV36 Chargeport Controller - North America”, which Reuters said appeared to refer to parts used in an upgraded version of Tesla’s Model Y SUV.

Another purported Tesla document from 2023, marked as “TRADE SECRET”, showed drawings linked to Project Highland, Tesla’s publicly known internal codename for its revamped Model 3 sedan.

Tesla did not respond to requests for comment.

Rajaharia also shared a screen recording of his review of the files. It showed that a search for “Apple” returned 181 files and folders, while a search for “Tesla” returned files that appeared to include manufacturing specifications and an assembly document dated May 2025.

Some files published by World Leaks carried footers stating that the documents contained proprietary and confidential information of Apple Inc. and confidential, proprietary and trade secret information of Tesla Inc.

Among the files was a 52-page document with Apple proprietary markings that appeared to detail quality inspection standards for iPhone circuit board components.

The data also included 33 files and folders linked to the search term “Hosur”, the location of Tata’s main iPhone assembly plant in Tamil Nadu.

A second industry source familiar with the matter said Tata informed some employees at its iPhone assembly operations last week about the data breach.

The incident highlights the exposure of global supply chains to cyber and ransomware attacks as companies move more critical electronics and vehicle manufacturing work across multiple countries.