World Leaks Posts 200K Tata Electronics Files With Apple, Tesla Data

Tata Electronics confirmed a cybersecurity incident after the World Leaks extortion group published over 200,000 files allegedly containing Apple and Tesla manufacturing data. The leaked documents include component schematics, PCB designs, material specifications, and documents marked as trade secrets.

The Indian electronics manufacturer—which produces iPhone components and supplies both Apple and Tesla—disclosed the breach on June 23. The company stated that incident response protocols were deployed immediately and that operations remain unaffected.

What Was Leaked

World Leaks posted more than 630 gigabytes of data on their dark web extortion site. The files span both companies:

Apple-related documents include:

• Folders titled "com.apple.factorydata"
• Material specification documents
• Manufacturing process documentation
• Component design files

Tesla-related documents include:

• A folder labeled "NV36 Chargeport Controller - North America," referencing parts used in upgraded Model Y SUVs
• A 2023 document marked "TRADE SECRET" containing drawings for Project Highland—Tesla's internal codename for the revamped Model 3 sedan
• Additional manufacturing schematics

The presence of documents dated 2023 and referencing ongoing vehicle programs suggests the stolen data remained current and commercially sensitive.

World Leaks Background

World Leaks operates as a pure extortion group—they steal data and threaten to publish it rather than encrypting systems with ransomware. The group rebranded from Hunters International, a ransomware operation that shifted to data theft in January 2026.

The group has claimed several high-profile victims this year. In January, they posted 1.4 terabytes of data allegedly stolen from Nike. They've also claimed responsibility for a previous Dell breach and other enterprise targets.

This approach follows a broader industry shift toward encryption-less extortion. As we covered in our ransomware trends analysis, groups are finding that data theft alone generates sufficient leverage without the operational complexity of ransomware deployment.

Supply Chain Security Implications

Tata Electronics sits at a critical node in the consumer electronics supply chain. As a key Apple manufacturing partner, any compromise of their systems raises questions about intellectual property protection across the broader ecosystem.

Apple told reporters they were investigating the breach, with "a full analysis going on." Tesla has not publicly commented.

The incident highlights a persistent challenge for technology companies: their security posture is only as strong as their suppliers. Even organizations with robust internal security programs remain vulnerable to breaches at manufacturing partners, logistics providers, and other third parties.

For companies protecting trade secrets, the Tata breach illustrates why supply chain security assessments should extend beyond cybersecurity questionnaires. Questions worth asking include:

• How are design files stored and transmitted between partners?
• What access controls exist on manufacturing documentation?
• How quickly can partners detect and respond to intrusions?
• What contractual obligations exist for breach notification?

Ransom Demands

Tata confirmed receiving a ransom demand related to the incident but hasn't disclosed the amount or whether negotiations occurred. World Leaks typically gives victims a deadline to pay before publishing stolen data.

The group's decision to post 200,000+ files suggests either negotiations failed or Tata refused to engage. Organizations increasingly adopt a policy of not paying ransoms, though the calculus changes when stolen data includes customer information protected by regulatory requirements.

In this case, the exposed data appears to be primarily trade secrets and manufacturing specifications rather than personal data. While commercially damaging, this may limit Tata's regulatory exposure compared to breaches involving customer records.

Company Response

Tata Electronics stated: "Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected."

The company did not identify the threat actor in their official statement or provide details about how the intrusion occurred. Investigation is ongoing.