Tata Electronics has confirmed a major cybersecurity incident after ransomware group World Leaks posted over 200,000 stolen files on the dark web – totaling 630GB of data, including design drawings, product specs, and confidential commercial documents from Apple and Tesla.

The Indian manufacturing giant detected system anomalies weeks ago and activated emergency protocols. Operations remain uninterrupted, but Tata has not commented on ransom demands. Apple has reportedly assembled a dedicated team to investigate the supply chain data leak.

Security researchers have verified that the leaked archive spans years of internal emails, system logs, and even foreign employee passport copies. Notable exposures:

• Tesla – controller data for Model Y upgrade charging ports, plus complete assembly drawings for the 2025 Highland Model 3 refresh – clearly marked as trade secrets

• Apple – 181 documents, including a 52-page iPhone circuit board quality standard with proprietary branding, plus production materials from Tata's Hosur iPhone assembly plant – all flagged with confidentiality notices

Tata Electronics sits at the heart of India's electronics manufacturing push, now handling one-third of India's iPhone production after acquiring Wistron's India plant and taking a stake in Pegatron's local lines. The company also serves Tesla, ASML, Intel, and Qualcomm.

This is not Tata's first security lapse – its Jaguar Land Rover unit suffered a similar attack last year, halting production for six weeks. Combined with prior regulatory scrutiny over farm pollution, the breach exposes vulnerabilities in offshore supply chain data protection as global brands diversify away from China.

As of publication, Apple and Tesla have not responded, and India's CERT-In has not commented. The leaked data has been on sale via dark web since June 10, with no third-party verification of full authenticity or completeness.

ICgoodFind Takeaway:
This breach is a wake-up call: offshore manufacturing scale does not equal data security. OEMs and brands must re-evaluate access controls, encryption, and incident response across every tier – because design IP is now as valuable as the hardware itself.