Key Highlights:
- Ransomware group World Leaks stole over 630 GB of data from Tata Electronics, Apple's iPhone manufacturing partner in India, and leaked it on the dark web.
- The stolen data includes iPhone 18 Pro specs and prototypes, Tesla trade secrets, TSMC and Qualcomm files, and employee passport scans.
- India's government confirmed on July 3 that CERT-In is investigating the breach, though it came three weeks after Tata first disclosed the incident.
- Tata says factory operations were not affected, but it has tightened security access and hired forensic experts to investigate.
- This is Tata's second major cyberattack in a year, following the 2025 Jaguar Land Rover hack, raising concerns about cybersecurity in India's growing manufacturing sector.
India’s rise as a global electronics manufacturing hub has hit a serious cybersecurity test. Tata Electronics one of Apple’s most important iPhone manufacturing partners in India, has confirmed a cybersecurity incident after ransomware group World Leaks published a massive cache of files on the dark web. The leaked database reportedly contains more than 200,000 files and over 630 GB of data, including documents linked to Apple’s unreleased iPhone 18 Pro, Tesla, TSMC and Qualcomm.
Tata says its factory operations were not affected. But the bigger concern is not production — it is trust. The breach exposes how global supply chains are no longer protected only by factory gates, quality checks and manufacturing scale. They are protected by cybersecurity systems. For India, which is positioning itself as the world’s next major electronics manufacturing destination, this incident is a warning: making global technology products is one achievement; protecting the secrets behind them is another.

What Was Stolen
The breach is not a random data grab. It is a structured theft of some of the most sensitive files in global consumer electronics.
iPhone 18 Pro secrets:
- Component-by-component breakdown of the iPhone 18 Pro-chips, battery parts, camera modules
- At least six files mapping specific iPhone 18 Pro parts to the exact companies that make them
- Photos of iPhone 18 Pro prototypes undergoing drop tests at a Tata facility in early 2026
- A 52-page Apple-marked document on quality inspection standards for iPhone circuit board components
- 33 files linked to "Hosur" - the location of Tata's main iPhone assembly plant in Tamil Nadu
Tesla trade secrets:
- A folder titled "NV36 Chargeport Controller - North America" parts linked to Tesla's upgraded Model Y SUV
- A 2023 document marked "TRADE SECRET" engineering drawings for Tesla's Model 3 revamp, project Highland
TSMC and Qualcomm files:
- 16 TSMC folders, including a 2022 file marked "TSMC Secret" with product reliability test data
- 23 Qualcomm folders with manufacturing-related documents
- A 2023 Apple Silicon Engineering Group document linking Apple part numbers to TSMC's numbering system
Employee and corporate data:
- Passport scans of employees, including foreign nationals
- Internal emails and event logs spanning several years
- Multiple documents marked "proprietary and confidential" by Apple and Tesla
Who Is World Leaks?
World Leaks is not new. It has a clear playbook.
First, it gets inside a company's systems quietly. It steals data over weeks. It does not encrypt files or shut down operations. Then it posts the data publicly. Then it demands payment.
The group has hit Dell before. It stole 1.3 TB from Dell in July 2025. It hit Nike for 1.4 TB in January 2026. Tata Electronics is its latest and biggest victim.
Tata received a ransom demand. The amount has not been disclosed. Tata declined to comment on the ransom.
What Tata Electronics Said
Tata confirmed the breach on June 22. Its statement read:
"A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems. Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected."
No factory stopped. No assembly line shut down. Operations continued normally. The attackers did not want to disrupt Tata. They wanted its data.
India's MeitY Secretary S. Krishnan spoke publicly on July 3. He said: "We are investigating it. It has been reported to CERT-In."
That was the first official government statement. The breach had been public for over three weeks by then.
CERT-In (India's Computer Emergency Response Team) is now running its own investigation. No timeline or findings have been released yet.
Under India's data protection rules, companies must report breaches to CERT-In within six hours of detection. The three-week gap between the breach and the government statement has raised questions.
What Apple Did
Apple has said very little. That is by design. Apple confirmed it is concerned and is investigating. It said it is working with Tata on near and long-term security measures. It said nothing else.
Apple is also conducting its own internal investigation. It has not filed any public disclosures.
The iPhone 18 Pro and Pro Max are expected to launch in September 2026. The leak came at the worst possible time.
Tata moved fast after the breach was confirmed. Here is what it did:
- Restricted all employee access to sensitive internal systems
- Limited remote access to select staff only
- Tightened work-from-home access to sensitive tools
- Hired a global forensic consultant for a full investigation
- Notified clients and the Indian government
- Applied stricter access controls across all facilities not just factories
No official forensic report has been released yet. But cybersecurity experts have a clear view.
John Pescatore, a security expert, said: "A breach of this nature is not usually a smash-and-grab exercise. Attackers typically need compromised credentials, weak access controls, or the ability to move across systems undetected."
He added: "Cybersecurity is now only as strong as the weakest link in the supply chain."
The attackers were likely inside Tata's systems for weeks. They moved slowly and stayed quiet. They left with 630 GB before anyone noticed.
Not Tata's First Hack
This is the second major cyberattack on a Tata Group company in a year.
In August 2025, Jaguar Land Rover owned by Tata Motors was hit by a ransomware attack. It halted UK production for six weeks.
Cybersecurity researcher Rajshekhar Rajaharia said: "Hacking manufacturing systems to extort ransom has become very common. It doesn't matter if you are an IT company or not. Other hacker groups might also start attacks in the future."
Warning for India
India is pitching itself as the alternative to China for global electronics manufacturing. Apple is its biggest proof point.
But this breach shows a gap. As more global companies move supply chains to India, cybersecurity must keep pace. Making iPhones is one skill. Protecting the secrets inside them is another.
News4Bharat POV
This is not just an Apple leak. This is a Make in India warning.
India wants to become the world’s trusted alternative to China in electronics manufacturing. Apple’s growing India operations are the biggest proof of that ambition. But the Tata Electronics breach shows that the next phase of manufacturing leadership will not be decided only by land, labour, incentives and production capacity. It will also be decided by cyber resilience.
If global companies are moving their most sensitive supply chains to India, Indian manufacturers must protect not just products, but prototypes, supplier maps, trade secrets, employee data and client confidence. The question now is bigger than Tata or Apple: Can India build factories that are globally competitive and digitally secure at the same time?



