A ransomware group says it lifted more than 630 gigabytes from the Indian manufacturer, including purported design files belonging to two of its biggest customers. The authenticity of those files is unconfirmed.
India’s Tata Electronics has confirmed that it detected a cybersecurity incident on some of its systems a few weeks ago, after a ransomware group posted what it claims are component design and specification documents belonging to Apple and Tesla.
Both companies are customers of the wider Tata group, and both names appearing in the same leak is precisely the sort of detail that turns a routine intrusion into an international story.
What is in those files, according to World Leaks and the researchers who have examined the listing, is where the alarm comes from.
The 💜 of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
The leaked database purportedly contains Apple folders, some titled “com.apple.factorydata,” alongside documents referring to “material specification.”
Among them, researchers told Cybernews, is a 52-page document bearing Apple’s proprietary markings that allegedly sets out quality-inspection standards for iPhone circuit-board components.
For Tesla, one folder is labelled “NV36 Chargeport Controller – North America,” a purported reference to parts used in an upgraded Model Y.
The repeated “purported” matters. None of the file claims has been independently verified, and the authenticity of the Apple and Tesla documents rests, for now, on the word of the people who stole them and on researchers reading a dark-web index.
World Leaks has an obvious incentive to overstate the value of its catch.
Tata Electronics, for its part, has not disputed that something happened. In a statement reported by CNBC, the company said it had detected the incident, that response protocols were deployed immediately, and that there had been “no impact on operations” across its businesses.
It did not address the specific contents of the leaked files. Apple was investigating the breach, and Tata had received a ransom demand related to the incident.
Tata Electronics has spent the past few years positioning itself as a serious contributor to Apple’s manufacturing base outside China, assembling iPhones and building out component work in India.
That ambition is exactly what makes a supplier breach so awkward: the secrets that flow to a contract manufacturer are not its own, and a single compromised vendor can expose customers who never touched the breached network themselves.
That dynamic has become the defining shape of recent cyber incidents. The largest education data breach on record landed not on a school but on a software vendor, and a recent leak tied to AI training reached deep into a client’s confidential work through an intermediary.
Attackers have worked out that the soft entry point is rarely the marquee name; it is the partner three steps down the supply chain.
For ransomware crews, the calculus is straightforward. A folder labelled with Apple’s name carries leverage that a generic manufacturing database does not, regardless of what the files turn out to contain, and the threat of publication is itself the product.
The wider arms race over software vulnerabilities has only sharpened the incentives on both sides.
What comes next depends on verification that has not yet happened. If the Apple and Tesla documents are authentic, the question becomes how current and how sensitive they are; if they are not, World Leaks has staged an expensive bluff.
Tata Electronics, Apple, and Tesla have so far said little beyond confirming that an investigation is under way, which leaves the most consequential claims about the breach resting, for now, on the say-so of the group that made them.
Stephan is the sports journalist for the Maple Grove Report.
