You could say the leak of what are said to be Apple and Tesla trade secrets has put a target on Tata Electronics’ back. Security types have found that the World Leaks ransomware crew has put up more than 200,000 files on the dark web, well over 630 gigabytes of it. In the wake of the incident, Apple is looking into it and a ransom has been made of Tata.
India’s supply chain ambition meets a cyber stress test
This isn’t just any old cyber scare when you consider how much of a part Tata has in Apple’s worldwide production. For now, they are churning out about a third of the iPhones made in India; Foxconn does the other two-thirds.
It is all part of the plan to make India an electronics powerhouse. But if there is even a whiff of unreliability from a key supplier, it doesn’t just affect one firm – it can have an impact on the kind of policy objectives the country is after.
Then there is the matter of precedent. A year back, a cyberattack on its Jaguar Land Rover arm in Britain left Tata with a six-week standstill in output. On top of that, the company is under a microscope for what has been alleged as farmland contamination in the vicinity of an iPhone parts facility.
Inside the alleged data cache
If you ask the researchers who have had a look at the database, it is a veritable trove of internal papers, specs and component designs for both Apple and Tesla. You can find footers on some of them to the effect of: This document contains proprietary and confidential information of Apple Inc.
And with others, the text will tell you the contents are a trade secret of Tesla Inc. Word on the street is that Tata supplies the electric car maker as well.
Rajshekhar Rajaharia, a cybersecurity researcher in India, says a bit of digging in the leak turns up some telling references. Type in Apple and you get 181 files and folders. Put in Tesla and you are looking at manufacturing specs and an assembly paper from May 2025.
Some of the folder titles in the World Leaks database, like NV36 Chargeport Controller – North America, seem to be for the next-gen Model Y. There is also a 2023 file for a Tesla project called Highland – the new Model 3 – with a big TRADE SECRET label on it.
They have also pointed to a 52-pager with Apple’s own markings on it, which is supposed to be the standards for quality-checking iPhone circuitry. And if you run a query for Hosur, where Tata has its main iPhone plant in Tamil Nadu, 33 files and folders come up.
How the breach surfaced and what is verified
World Leaks, the group behind the Nike hack of some time ago, has put out the word that it is making the stolen Tata data available on the dark web, in a place no search engine can find.
Rakesh Krishnan, another in the security field, says the material has been up there since June 10 or so. We can’t vouch for the files right away, and we haven’t been able to get a hold of anyone at World Leaks to talk about it.
Rajaharia adds that the set is not just business as usual; it has in it emails, years of event logs and even the passport copies of some staff, some of them from abroad. You’ll find a number of folders in the research that point to com.apple.factorydata and other spec sheets.
Company responses and what followed
Tata Electronics has put out a statement on the matter. “A few weeks back we found a cybersecurity incident on some of our systems and we moved to contain it,” the company said. “We put our protocols in place right away. It has not made a dent in our operations, which are as they should be.”
But there is more to it. An insider with knowledge of the situation says Apple is looking into it and a complete review is under way. The source also put it on the record that Tata was handed a ransom demand over the incident. We reached out to both for comment: Apple didn’t get back to us, and Tata would not say if the claim about the ransom was true.
Neither Tesla nor India’s Computer Emergency Response Team returned our calls or emails. One industry source does have it from Tata that they let some of the staff at their iPhone assembly line in on the breach last week.
Key takeaways so far
This is what you need to know:
– 200,000-plus files up on the dark web
– We’re talking 630 gigabytes of data
– Apple is in the middle of a full-scale analysis
– And, as one source has it, a ransom was put on the table by the attackers
What this means for Apple in India
Apple can’t just walk away from China without reliable partners to make up the difference. That’s where Tata comes in; they are fast becoming one of the most vital manufacturing arms for the Cupertino giant outside of China, in step with what the government wants to see.
If a security hole gets to your factory data or product designs, people will start asking hard questions about how well you protect your suppliers and how often you audit them. Even if business as usual continues, you can expect your customers to be a little more of a hawk on you.
Then there is the question of India’s supply chain standing. You have to put this in context with the six-week stoppage at Jaguar Land Rover and the environmental row over iPhone parts from last year. All of it is under a microscope.
Looking ahead
There are two things happening at once: Apple’s probe and Tata’s work to put a lid on the problem. They will show us how much is at risk and if any IP is in play. There is also the matter of the ransomware, and the need to handle it in a way that doesn’t give others an idea.
Don’t be surprised if regulators get involved. When you have 630 gigabytes and 200,000 files in the open, as the researchers put it, you have to answer for it. For an ecosystem that is the lifeblood of India’s exports, being open about it is the only way to keep your good name.
We may get a better read on it as the data is pored over. Krishnan has the data has been out there since June 10, and in his review, Rajaharia came across everything from employee files to years’ worth of logs.
In the wider market
Foxconn is still the other big name in Indian iPhone assembly. Should clients get more demanding or move some of the work around, the playing field between the two could change depending on who can show they have the better cyber defences and house rules.
For now, Tata and its clients have to plug the holes. The bigger picture is making sure a mistake like this doesn’t put a damper on India’s push into high-end electronics.
