Hackers dump 200,000 alleged secret Apple, Tesla files after Tata Electronics breach
Tata Electronics has confirmed a “cybersecurity incident” after the World Leaks ransomware group published more than 200,000 files allegedly tied to Apple and Tesla, including manufacturing records, technical drawings, and employee passport scans.

Image by Cybernews.
Tata Electronics has confirmed a “cybersecurity incident” after the World Leaks ransomware group published more than 200,000 files allegedly tied to Apple and Tesla, including manufacturing records, technical drawings, and employee passport scans.
- Tata Electronics confirmed a cybersecurity incident after hackers published more than 200,000 alleged company files online.
- The leaked file listing appears to include Apple and Tesla documents, technical drawings, and employee passport scans.
- The incident highlights growing supply-chain risks as cybercriminals increasingly target major manufacturers and their vendors.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.
"A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems, the Indian manufacturing giant said in a statement sent to Reuters on Monday.
“Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected," it said.
The company did not disclose what systems were accessed, whether data was stolen, or if the incident is connected to the files published by World Leaks.
Alleged Apple and Tesla files
World Leaks appears to have posted Tata Electronics on its dark web leak site earlier this month on June 12th.
The alleged 204,341 file cache reportedly contains a plethora of confidential files and proprietary data, including Apple and Tesla schematics, technical and mechanical drawings, full passport scans, and more – the equivalent of 630.4GB, according to the World Leaks post.
Apple said it is investigating the incident, while Tata reportedly received a ransom demand related to the breach, according to Reuters.
Tata did not say whether it is negotiating with the group or how much money was demanded.
Security researchers reviewing the files for Reuters said they found documents referring to Apple's manufacturing processes and Tesla's engineering projects.
Cybernews, which also reviewed the massive “list of files,” found hundreds of references to Apple and Tesla, including folders named "com.apple.factorydata" and documents marked as proprietary and confidential.
Those files with Tesla in the name appear to reference components used in the company's vehicles, with one document described as "TRADE SECRET" and containing drawings linked to Project Highland, Tesla's internal codename for its revamped Model 3 sedan.
From PDFs, Excel spreadsheets, and PowerPoint files, other files Cybernews could see ranged from Tata Electronics energy bills and factory licenses to a folder titled War Room documents, and another containing documents dated as late as May of this year.
The screenshots also show folders labeled Equipment Data, IATF Audit Documents, Maintenance Engineer reports, and dozens of Standard Operating Procedure spreadsheets covering machine setup, inspection, and manufacturing processes.
Other World Leaks samples reviewed by Cybernews included what appear to be copies of several employee passports, while researchers identified employee emails and other sensitive operational data, including cryptographic certificates, key files, and event logs spanning several years.
Has your password leaked?
Michael Centrella, Head of Public Policy at SecurityScorecard says the Tata breach goes beyond the loss of ordinary corporate records, instead showing “how much highly sensitive customer and employee information can accumulate inside a single strategic supplier.”
This is the risk companies create when they treat suppliers as operational partners but not as extensions of their security perimeter, Centrella explains.
“Apple and Tesla may have strong defenses of their own, but once critical designs and manufacturing data are handed to another company, their security depends on controls they do not directly manage, “ he says.
Supply-chain security concerns
Cybernews further found references to Pegatron, Foxconn, and Qualcomm in the text file – key companies in Apple's manufacturing supply chain – although there is no evidence that the companies have been compromised.
Tata Electronics currently accounts for roughly a third of Apple's iPhone production in India, with Foxconn making up the rest, according to Reuters.
Based in India, the Tata Group and its extensive number of subsidiaries – including its electronics and semiconductor manufacturing arm – serve as a primary contract manufacturer and component supplier for Apple and Tesla. Heavily focused on iPhones, Tata Electronics supplies Apple with iPhone back panels, metallic enclosures, circuit board parts, and fully assembled devices, according to Reuters.
Tata Electronics also became an official Tesla supplier in 2025, supplying the Musk-owned brand with semiconductor chips, circuit board assemblies for Tesla battery management systems, vehicle motor controller units and door-control mechanisms.
“Tata keeps showing up in these conversations because it sits in the middle of so many high-value relationships,” Nick Tausek, lead security automation architect at Swimlane, tells Cybernews.
“Apple and Tesla are the names that grab attention, but Tata is the connective tissue that makes their operations move. If component documents or supplier details were exposed, attackers may not need to breach Apple or Tesla directly. They can study the relationships around them instead,” he says.
Tausek also believes that the damage from the Tata attack could spread if attackers manipulate the stolen data.
“Fraud attempts get more believable, and vendor impersonation gets easier. Internal teams are forced to sort through what was exposed while the business keeps moving,” he adds.
Tata Group’s growing cyber headaches
If the Tata name sounds familiar, another Tata Group subsidiary, Tata Consultancy Services (TSC), was identified as the third-party IT services vendor whose employees were compromised in a sophisticated social engineering attack tied to the Scattered Spider ransomware group last spring.
The attack led to a widely covered, months-long breach of British retailer Marks & Spencer, costing the company $400 million in lost revenue, while TCS, not surprisingly, was eventually fired as the retailer’s IT help desk vendor.
Additionally, a devastating cyberattack on Tata Motors, the parent company of Jaguar Land Rover (JLR) and another Tata Group subsidiary, forced a complete standstill at the high-end automaker’s UK production facilities last August.
Also carried out by the Scattered Lapsus Hunters hacker collective, the six-week shut down was said to have cost JLR an estimated $68 million per week.
Meanwhile, World Leaks, whose biggest attack claim in 2026 was the Nike footwear and apparel brand in January, was launched in early 2025 and is widely believed to be a rebrand of the notorious Hunter’s International ransomware cartel.
Unlock more exclusive Cybernews content on YouTube.