Tata Electronics has confirmed a cybersecurity incident after researchers discovered a cache of more than 200,000 files allegedly containing sensitive documents linked to Apple and Tesla, raising fresh concerns about cybersecurity risks across global manufacturing supply chains.
The Indian electronics manufacturer said it identified the incident several weeks ago and activated its response protocols immediately. The company maintained that its operations remain unaffected.
The disclosure follows reports by Reuters, which cited cybersecurity researchers who reviewed files published on the dark web by ransomware group World Leaks.
Tata confirms cybersecurity incident
In a statement to Reuters, Tata Electronics said it had detected a cybersecurity incident affecting some of its systems.
"A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems. Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected," the company said.
Reuters also reported, citing a source familiar with the matter, that Apple is investigating the breach and conducting a full analysis. The source further claimed Tata Electronics had received a ransom demand linked to the incident.
Tata Electronics declined to comment on the reported ransom demand. Apple did not respond to Reuters' requests for comment.
Researchers point to large data dump on dark web
According to Reuters, ransomware group World Leaks claimed responsibility for publishing data allegedly stolen from Tata Electronics.
The group said the dataset contains more than 200,000 files amounting to over 630 gigabytes of information.
Reuters reported it could not independently verify the authenticity of the files.
Cybersecurity researcher Rajshekhar Rajaharia, who reviewed the material for Reuters, said the data appeared to include:
- Emails spanning several years
- Event logs
- Passport copies of employees, including foreign nationals
- Manufacturing-related documents
- Product specifications and component records
A second researcher, Rakesh Krishnan, told Reuters the files had been accessible on the dark web since at least 10 June.
Apple and Tesla documents allegedly exposed
Among the files reviewed by researchers were documents purportedly linked to both Apple and Tesla, two major customers of Tata Electronics.
Reuters reported that the World Leaks database contained folders and files bearing references such as:
- "com.apple.factorydata"
- "material specification"
- Apple quality inspection standards for iPhone circuit board components
Researchers also identified documents allegedly associated with Tesla's Project Highland, the internal codename for the updated Model 3 sedan.
One folder reportedly referenced a "NV36 Chargeport Controller - North America", which researchers said could relate to components used in an upgraded version of Tesla's Model Y.
According to Reuters, some files carried notices stating they contained confidential and proprietary information belonging to Apple and Tesla.
Tesla did not respond to Reuters' requests for comment.
Fresh challenge for Apple's India supply chain
The incident represents another challenge for Apple's expanding manufacturing ecosystem in India.
Tata Electronics has become one of Apple's most important manufacturing partners outside China as the technology giant continues to diversify production locations.
Industry sources cited by Reuters said Tata currently accounts for roughly one-third of Apple's iPhone production in India, while Foxconn manufactures the remainder.
Researchers also identified files and folders linked to Hosur, Tamil Nadu, where Tata operates a major iPhone assembly facility.
Reuters further reported that Tata informed some employees involved in its iPhone assembly operations about the breach last week.
Manufacturing sector faces growing cyber risks
The incident highlights the increasing cybersecurity pressures facing manufacturers as production systems, supply chains and engineering operations become more digitally connected.
Tata Group companies have previously faced cyber incidents. Reuters noted that Jaguar Land Rover, the Tata-owned British automotive manufacturer, suffered a cyberattack last year that disrupted production for six weeks.
The latest case also underscores the growing threat posed by ransomware groups targeting companies that handle intellectual property, product designs and sensitive operational data for some of the world's largest technology brands.
Investigation continues
Several questions remain unanswered, including the origin of the breach, the authenticity of the published files and whether any customer data or proprietary information was compromised.
For now, Tata Electronics says business operations remain unaffected. Meanwhile, Apple's reported investigation and the appearance of alleged Apple and Tesla documents on the dark web are likely to intensify scrutiny of cybersecurity practices across increasingly complex global manufacturing networks.
New leaders, fresh capital, workforce shifts and unfiltered conversations — the story of work unfolds here.