What happened
Tata Electronics confirmed a cybersecurity incident after the ransomware group World Leaks published more than 200,000 files totaling over 630 gigabytes on the dark web.
The leaked files allegedly contain proprietary and confidential documents belonging to Apple and Tesla. World Leaks claimed responsibility for the attack and posted the stolen data on its dark web site.
Indian cybersecurity researcher Rajshekhar Rajaharia reviewed the files and confirmed that the data had been accessible on the dark web since at least June 10, 2026. A ransom demand was issued to Tata Electronics, though the company declined to comment on the specifics.
The leaked dataset reportedly includes emails, multi-year event logs, employee passport copies, and manufacturing and component design specifications.
A search for Apple in the World Leaks database returned 181 files and folders, including several labeled as factory data and material specifications. One 52-page document allegedly bore Apple proprietary markings and detailed quality inspection standards for iPhone circuit board components.
The Tesla-related data reportedly included a folder labeled for a chargeport controller tied to North America and engineering drawings related to Project Highland, Tesla’s internal codename for the revamped Model 3 sedan. An assembly document dated May 2025 was also identified, and Tesla files reportedly carried markings indicating they were confidential, proprietary, and trade secrets.
Tata Electronics said its response protocols were deployed immediately after detecting the incident and that operations across its businesses remain unaffected. Apple confirmed it is investigating the breach and conducting a full analysis. Tesla had not responded to media requests at the time of reporting.
Who is affected
Tata Electronics, Apple, and Tesla are directly affected by the alleged exposure of confidential manufacturing and design-related documents.
Employees whose passport copies or other information were included in the leaked dataset may also be affected.
The incident is especially significant because Tata Electronics manufactures approximately one-third of Apple’s iPhones in India. If the leaked files are verified, the breach could expose sensitive supply chain, manufacturing, quality assurance, and engineering information tied to major technology and automotive companies.
Why CISOs should care
This incident highlights the risk of ransomware and extortion groups targeting Tier-1 suppliers in global technology supply chains. A single supplier compromise can expose proprietary information belonging to multiple high-value customers.
For CISOs, the most important lesson is that third-party and manufacturing partners can hold data that is just as sensitive as internal systems. Component specifications, factory data, quality inspection documents, event logs, passport copies, and engineering drawings can all create operational, intellectual property, regulatory, and reputational risk if exposed.
The breach also shows why supplier security needs to cover more than uptime and production continuity. Tata Electronics said operations were unaffected, but the alleged data leak still involved hundreds of gigabytes of confidential documents. That makes data protection, access governance, and leak response central parts of supply chain security.
3 practical actions
- Review supplier access to proprietary engineering and manufacturing data: The leaked files allegedly included Apple and Tesla design, manufacturing, and quality-related documents. CISOs should assess which suppliers store confidential product data and whether access is limited, monitored, and contractually governed.
- Strengthen controls around high-value supply chain repositories: The dataset reportedly included emails, event logs, passport copies, component specifications, and engineering drawings. Security teams should apply strict access controls, logging, encryption, data loss prevention, and retention limits to repositories holding partner or customer confidential information.
- Prepare joint incident response plans with strategic suppliers: Tata Electronics, Apple, and Tesla are all tied to the reported exposure. Organizations should define how suppliers will notify customers, validate leaked data, coordinate forensics, and support communications when a breach exposes customer-owned intellectual property.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.