Hacker working on a code showing security breach

Security Breach at Tata Electronics Affects Apple, Tesla, and Other Technology Giants

Tata Electronics is investigating a security breach following claims by the World Leaks hacking group that it had stolen company data and listed it for sale on an underground hacking forum.

Tata Electronics accounts for nearly a third of all iPhone production in India, while Foxconn makes up the rest. It supplies circuit boards, back panels, and enclosures.

The company confirmed the data breach nearly two weeks after the threat actor listed the stolen data for sale on the dark web.

“A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems,” the company told Reuters.

Tata security breach leaked proprietary data from Apple, Tesla, and other companies

The 630.4 GB archive reportedly contained about 204,341 files, including Apple’s and Tesla’s component designs and specifications, including clearly marked confidential proprietary data. It also includes emails, employee passports, and event logs, which could expose the IT infrastructure to more attacks.

Since June 10, the stolen data was available for free download. Its exposure could enable cybercriminals to discover security vulnerabilities and competitors and counterfeiters to reverse-engineer products.

The leaked folders contain hundreds of references to Apple and Tesla. The security breach reportedly also affected Pegatron, Foxconn, and Qualcomm, though those claims have not been independently confirmed.

“What stands out here is not just the volume of data, but the amount of strategic information concentrated inside one supplier,” said Michael Centrella, Head of Public Policy at SecurityScorecard. “Tata Electronics sits inside the operations of companies such as Apple and Tesla, so a breach can expose far more than ordinary corporate records.”

Upon learning of the security breach, Tata Electronics activated its cyber incident protocols to contain the threat and prevent operational disruption.

Apple has also confirmed that it launched an investigation into the security breach, but has not provided additional details.

Meanwhile, Tata Electronics has received ransom demands, though the actual amount remains undisclosed. The attack vector exploited has also not been disclosed.

First detected in 2025, World Leaks is an emerging double-extortion cybercrime gang that targets organizations across the manufacturing, technology, defense, retail, industrial, and enterprise sectors.

It typically gains access via social engineering and phishing, weak, stolen, and compromised passwords, unpatched vulnerabilities, supply chain attacks, weakly protected remote access protocols, such as VPNs and RDPs, and initial access brokers.

The group was attributed to the Nike cyber attack in 2026, which reportedly leaked over 1.4 TB of data, containing 190,000 corporate files. In 2025, World Leaks also claimed responsibility for a cyber attack on defense contractor L3Harris and published samples of stolen data on its dark web leak site.

“Whenever a breach becomes public because stolen data appears on the dark web, it raises a larger question: how many similar operations, especially those conducted by nation-state-level adversaries, are still operating undetected?” Asked John Strand, Owner, Black Hills Information Security. “The attacks that make the news deserve attention, but the greater concern is the reuse and evolution of the same tactics, tools, and infrastructure across campaigns that never become visible.”

Cybercriminals target tech companies

Tata has experienced security breaches in the past. In September 2025, Tata-owned British ​automotive company Jaguar Land Rover suffered a ransomware attack that disrupted operations for 6 weeks.

In May 2026, Foxconn confirmed a cyber attack that leaked 8 terabytes of data from major technology companies, including Intel, Apple, Google, Dell, Nvidia, and others. The ransomware attack disrupted operations, forcing the company to suspend operations and order employees to stay at home.

In December 2025, Apple, Nvidia, Qualcomm, LG, Meta, Geely, Tesla, and other tech giants reportedly experienced a data breach after the Russian ransomware group RansomHouse compromised a third-party supplier, Luxshare. The cyber attack leaked proprietary data, including CAD models, circuit board designs, and engineering documentation.