Tata Electronics Breach: 630 GB Leak Hits Apple and Tesla Supply Chains

Tata Electronics has landed at the center of a major cyber incident whose fallout could reach well beyond the Indian market. A group calling itself World Leaks says it has stolen and published more than 200,000 files totalling over 630 GB, and according to researchers, the trove includes material tied to Apple and Tesla. The archive has been available on the dark web since at least June 10.

Tata has confirmed it is investigating the breach but stressed that its plants and business operations were not halted. That caveat matters. Tata Electronics has become one of Apple’s key manufacturing partners in India — the company now accounts for roughly a third of all iPhone assembly in the country, with Foxconn handling the rest. Any disruption at a supplier of that scale instantly turns from an IT problem into a question about the resilience of the global supply chain.

According to researchers who reviewed the leak, the archive may contain internal emails, production records, engineering documents, system logs, employee passport copies and customer information. The most sensitive part is not the personal data. Among the files, investigators found folders referencing the NV36 chargeport controller for an upgraded Tesla Model Y and documents tied to Project Highland — the internal codename for the refreshed Model 3. Some files are marked “TRADE SECRET,” others carry Apple Inc. confidentiality footers.

The timing is especially uncomfortable for Apple. Over the past few years the company has been actively shifting part of its production to India to reduce its dependence on China. Tata plays a visible role in that strategy, handling iPhone assembly and component manufacturing. The bigger the new production base becomes, the more attractive it is to cyber extortionists.

World Leaks is not your typical group that simply encrypts servers and demands a ransom. It is a rebrand of Hunters International from early 2025, and its model is built around stealing data and publishing it. For a supplier, that is worse than classic ransomware: even if production keeps running, the damage can surface later — through exposed contracts, drawings, employee passports, customer correspondence and internal security procedures.

Tesla matters here as a marker of scale. Automakers and electronics suppliers are increasingly intertwined: batteries, power electronics, cameras, sensors, chips, assembly lines and contract manufacturing form a long chain in which the weakest link may sit not at Tesla or Apple themselves, but at a second-tier subcontractor.

Tata Group already has a fresh precedent: in 2025 a cyberattack on Britain’s Jaguar Land Rover shut down production for nearly six weeks. Back then the blow landed on the assembly line; this time it lands on the data. Both scenarios are equally painful for a sprawling holding with thousands of customers and suppliers.

For the market it is yet another reminder: relocating production from China to India or elsewhere does not eliminate risk, it merely changes its geography. A plant that assembles smartphones or components for electric vehicles today has to protect not only its machines and logistics, but also engineering files, access credentials, employee records and customer data.

Tata now has to prove two things: that production really was not affected, and that the leak did not expose critical customer secrets. For Apple and Tesla, the question is no longer just about reputation — it is about how much control they actually have over the security of their new global manufacturing network.