Tata hack: Apple documents allegedly leaked Apfelpatient

One of Apple's key manufacturing partners in India has been targeted by cybercriminals. Tata Electronics has confirmed a security incident, while a hacking group claims to have stolen confidential documents from Apple and Tesla – parts of which are reportedly already circulating on the dark web. Tata is also facing a ransom demand.

Tata Electronics is a key pillar in Apple's efforts to diversify iPhone manufacturing and become less dependent on China. The company assembles older iPhone models in southern India, among other things, and is thus firmly embedded in Apple's supply chain, as demonstrated by the expansion of iPhone production with new factories in India. This close integration is precisely what makes a cyber incident at Tata so critical for Apple – especially since the attackers are specifically using Apple-related tactics.

What Tata confirms – and what the attackers claim

The past few weeks have been difficult for Tata. In addition to a regulatory investigation into alleged environmental problems, the company has now confirmed a cyberattack. A group operating under the name World Leaks claims to have published design and specification documents for components from Apple and Tesla – both of which are customers of the Indian conglomerate.

Tata Electronics confirmed the incident itself to the Reuters news agency. A security breach was detected on individual systems several weeks ago, prompting the immediate activation of internal response protocols. The attack had no impact on ongoing business operations. The company did not provide specific details regarding the extent of the data breach. The attackers, however, claim a data set containing more than 200,000 files and exceeding 630 gigabytes in volume.

What should be in the data

The case becomes particularly sensitive due to the nature of the allegedly stolen documents. According to reports, the attackers' platform contains several purported Apple files and folders, some bearing names like "com.apple.factorydata" or referring to "material specification." Among them is said to be a 52-page document containing Apple's own proprietary markings, allegedly describing quality control standards for iPhone circuit board components.

In addition, more than 30 files and folders appear under the search term "Hosur"—the location in Tamil Nadu where Tata's central iPhone assembly plant is situated. However, independent confirmation of the authenticity of these documents is pending; the reporting parties were unable to verify the documents shared online.

Personal employee data is also affected

Beyond the production documents, sensitive personal data may also be affected. An Indian security researcher who reviewed the files reported finding emails, multi-year event logs, and passport copies of employees - including foreign nationals. Another security expert believes the dataset has been accessible on the dark web since at least June 10th.

Apple's reaction and a ransom demand

Apple declined to comment publicly when asked, but is reportedly conducting a thorough internal analysis of the incident. Tata Electronics has also reportedly received a ransom demand – a typical tactic in attacks of this kind, where criminals use stolen data as leverage. It is not yet known how the company will respond.

How vulnerable Apple's supply chain is

The incident highlights a risk that extends beyond this isolated case. The more Apple distributes its manufacturing to external partners, the more the protection of confidential design and process data depends on the IT security of these suppliers. Even if Apple's own systems remain untouched, an attack at a manufacturing partner can expose sensitive internal information. For a company that has made secrecy a strategic principle, this is an uncomfortable reminder that the security of the supply chain is only as strong as its weakest link. (Image: Shutterstock / Raphael_HJ)