India-based Tata Electronics said it had discovered a recent cybersecurity incident after a dark web site published a substantial volume of files that security researchers say include component design and specification documents for Apple and Tesla - both reported customers of the company.
Security researchers reviewing the leak said the group known as World Leaks had posted more than 200,000 files totaling over 630 gigabytes on the dark web. Reuters could not immediately verify the files' authenticity, and the World Leaks site could not be reached for comment, according to researchers who reviewed the cache.
Corporate response and immediate impact
Tata Electronics provided a statement saying that a few weeks ago it identified a cybersecurity incident affecting some of its systems. The firm said its response protocols were activated immediately and that the incident had not affected operations across its businesses, which it said remain unaffected.
A source familiar with the matter told Reuters that Apple was conducting an investigation and that a full analysis was under way. The same source added that Tata had received a ransom demand connected to the incident. Apple did not respond to requests for comment, and Tata Electronics declined to comment on the ransom demand.
The Indian Computer Emergency Response Team, the IT ministry unit that coordinates on cyber incidents, did not immediately respond to requests for comment.
What the leaked data reportedly contains
World Leaks' dark net posting is said to include a database listing several files and folders purporting to be associated with Apple, with some entries titled "com.apple.factorydata" and others referencing "material specification." One security researcher, Rajshekhar Rajaharia, who reviewed the files for Reuters, said the dump also contained emails, event logs spanning several years and passport copies of employees, including foreign nationals. Rajaharia has previously advised Indian police on cyber incidents.
A second researcher, Rakesh Krishnan, told Reuters the data dump had been accessible on the dark web since at least June 10. Rajaharia shared a screen recording showing searches within the data: a search for "Apple" returned 181 files and folders, and a search for "Tesla" returned files that included apparent manufacturing specifications and an assembly document dated May 2025.
Among the material flagged by researchers were a 52-page document that carried Apple's proprietary markings and was described as detailing quality inspection standards for iPhone circuit board components, and multiple files identified with the keyword "Hosur" - the location of Tata's principal iPhone assembly facility in Tamil Nadu state. Other files contained footers stating they contained proprietary and confidential information of Apple Inc. or were trade secrets of Tesla Inc.
Alleged Tesla documents and product references
Industry sources stated that Tata also produces parts for Tesla. In the World Leaks database, researchers found a folder labeled "NV36 Chargeport Controller - North America," which was identified as a purported reference to parts used in an upgraded version of Tesla's Model Y SUV. Another file labeled in the dump as a 2023 Tesla document and marked "TRADE SECRET" included drawings described as relating to project Highland, an internal codename referenced in the material.
Tesla did not respond to requests for comment.
Context within Tata's operations and the wider supply chain
The breach arrives as Tata Electronics expands its role as a contract manufacturer for high-profile electronics customers. The company is emerging as one of Apple's most significant manufacturing partners outside China, a development tied to broader efforts to grow electronics production in India. Tata currently accounts for roughly a third of Apple's iPhone production in India, with Foxconn producing the remainder, according to industry information cited in reporting on the incident.
The company has faced other recent operational and reputational challenges. Reuters previously reported scrutiny of Tata over alleged contamination of farmlands near one of its iPhone parts plants. Tata also experienced a cyberattack on its Jaguar Land Rover group last year that resulted in a six-week production halt.
According to a second industry source familiar with the situation, Tata informed some employees at its iPhone assembly operations last week about the data breach.
Security implications
Security researchers and observers of supply chains say the incident highlights how global manufacturers and their customers can be exposed to sophisticated cyber and ransom attacks that aim to extract or publicly publish sensitive design, manufacturing and personal data. The World Leaks posting, if authentic, contains a broad mix of technical documents, operational logs and personnel records that could raise compliance, intellectual property and privacy concerns for the companies and individuals involved.
Market tickers referenced
- AAPL +1.04%
- TSLA +2.33%
- TATM +1.55%
What happens next
At this stage, affected companies are conducting their own reviews and a full forensic analysis appears to be ongoing. Tata Electronics has said its businesses continue to operate normally. The investigation timelines, the degree to which the published files are authentic, and whether additional data will emerge remain uncertainties being followed by security researchers and company investigators.