Tata Electronics on Monday confirms a “cybersecurity incident” after the World Leaks ransomware group published more than 200,000 files allegedly tied to Apple and Tesla, including manufacturing records, technical drawings, and employee passport scans.

"A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems, the Indian manufacturing giant said in a statement sent to Reuters on Monday.

“Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected," it said.

The company did not disclose what systems were accessed, whether data was stolen, or if the incident is connected to the files published by World Leaks.

Alleged Apple and Tesla files

World Leaks appears to have posted Tata Electronics on its dark web leak site earlier this month on June 12th.

The alleged 204,341 file cache reportedly contains a plethora of confidential files and proprietary data, including Apple and Tesla schematics, technical and mechanical drawings, full passport scans, and more - the equivalent of 630.4 GB, according to the World Leaks post.

Apple said it is investigating the incident, while Tata reportedly received a ransom demand related to the breach, according to Reuters.

Tata did not say whether it is negotiating with the group or how much money was demanded.

Security researchers reviewing the files for Reuters said they found documents referring to Apple's manufacturing processes and Tesla's engineering projects.

Cybernews, which also reviewed the massive “List of files,” found hundreds of references to Apple and Tesla, including folders named "com.apple.factorydata" and documents marked as proprietary and confidential.

Those files with Tesla in the name appear to reference components used in the company's vehicles, with one document described as "TRADE SECRET" and containing drawings linked to Project Highland, Tesla's internal codename for its revamped Model 3 sedan.

From PDFs, Excel spreadsheets, and PowerPoint files, other files Cybernews could see ranged from Tata Electronics energy bills and factory licenses to a folder titled War Room documents, and another containing documents dated as late as May of this year.

The screenshots also show folders labeled Equipment Data, IATF Audit Documents, Maintenance Engineer reports, and dozens of Standard Operating Procedure spreadsheets covering machine setup, inspection, and manufacturing processes.

Other World Leaks samples reviewed by Cybernews included what appear to be copies of several employee passports, while researchers identified employee emails and other sensitive operational data, including cryptographic certificates, key files, and event logs spanning several years.

Supply-chain security concerns

Cybernews further found references to Pegatron, Foxconn, and Qualcomm in the text file – key companies in Apple's manufacturing supply chain – although there is no evidence the companies have been compromised.

Tata Electronics currently accounts for roughly a third of Apple's iPhone production in India, with Foxconn making up the rest, according to Reuters.

Based in India, the Tata Group and its extensive number of subsidiaries – including its electronics and semiconductor manufacturing arm – serve as a primary contract manufacturer and component supplier for Apple and Tesla.

Heavily focused on iPhones, Tata Electronics supplies Apple with iPhone back panels, metallic enclosures, circuit board parts, and fully assembled devices, according to Reuters.

Tata Electronics also became an official Tesla supplier in 2025, supplying the Musk-owned brand with semiconductor chips, circuit board assemblies for Tesla battery management systems, vehicle motor controller units and door-control mechanisms.

Tata Group’s growing cyber headaches

If the Tata name sounds familiar, another Tata Group subsidiary, Tata Consultancy Services (TSC), was identified as the third-party IT services vendor whose employees were compromised in a sophisticated social engineering attack tied to the Scattered Spider ransomware group last spring.

The attack led to a widely covered, months-long breach of British retailer Marks & Spencer, costing the company $400 million in lost revenue, while TCS, not surprisingly, was eventually fired as the retailer’s IT help desk vendor.

Additionally, a devastating cyberattack on Tata Motors, the parent company of Jaguar Land Rover (JLR) and another Tata Group subsidiary, forced a complete standstill at the high-end automaker’s UK production facilities last August.

Also carried out by the Scattered Lapsus Hunters hacker collective, the six-week shut down was said to have cost JLR an estimated $68 million per week.

Meanwhile, World Leaks, whose biggest attack claim in 2026 was the Nike footwear and apparel brand in January, was launched in early 2025 and is widely believed to be a rebrand of the notorious Hunter’s International ransomware cartel.

---

Unlock more exclusive Cybernews content on YouTube.