The company, which supplies key components for Apple products, recently discovered that a breach led to their data being found online.

 

What happened

Tata Electronics, an Indian supplier to Apple, recently reported to Reuters that they have restricted internal access to their systems following what they believe to be a massive leak. Tata is currently investigating an incident where thousands of secret client files were found on the dark web. Tata is working with a global consultant to conduct a forensic audit. The incident has also been reported to the Indian government and other clients.

 

Going deeper

Reuters found that the ransomware gang, World Leaks, posted over 200,000 files to the dark web. The leak included 16 files and folders that were allegedly documents from Taiwan Semiconductor Manufacturing Co, and 23 files from Qualcomm. Both of these organizations make critical components used in iPhones. The files also included alleged component design papers for Apple and Tesla, both of which are clients of Tata.

Reuters noted the breach could be a major set-back to Apple’s supply chain. Tata is also critical to Apple’s goal of moving their production process outside of China. Currently, Apple aims to have at least 26% of iPhones made in India by 2030, according to Manufacturing Today.

BleepingComputer added that the leaked information also includes multiple documents and directories related to Apple products, including internal component schematics, design and material information, and software developed kit files, which are bundles of tools and code used in software.

 

What was said

Tata Electronics acknowledged the incident, telling BleepingComputer,A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems…Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected.

An anonymous Tata spokesperson told Reuters that thethe investigation is ongoing,but currently,Tata Electronics has hardened access to its sensitive internal systems.Another anonymous industry official said that Tata’s official network access will bemore strictly regulated.The industry official implied that Apple is aware of the incident and is working on near and long-term measures to protect Apple’s data from future incidents.

World Leaks posted on their dark net site, according to Reuters, that they had approximately 630.4 gigabytes of data.

 

In the know

While many may not have heard of the WorldLeaks group, it is actually a rebrand of Hunters International, which wound down operations and released free decryptors in April of 2025. In its place, former members launched World Leaks, an extortion-only group, meaning they will no longer encrypt data but will still threaten to leak it on the dark web. The newer threat actor continues to target healthcare organizations alongside other companies, just like Hunters International did.

Read more:

 

The big picture

Breaches on massive organizations like Apple can have ramifications across multiple sectors in the United States. While it’s unclear how the issue may unfold, it’s possible that it could create supply-chain issues or cause Apple to move away from Tata, which could inadvertently impact organizations like hospitals that rely on Apple products. The incident also shows how threat actors evolve to remain competitive, changing tactics and styles to be as effective as possible at disrupting operations and making money. WorldLeaks' tactic to target production means that healthcare organizations should pay closer attention to middlemen, like the many third-parties they work with, which seem to be increasingly targeted rather than hospitals themselves.

 

FAQs

What does Tata mean bysecretfiles?

In this case, Tata meant that proprietary information, like design ideas or new technology concepts, had been accessed, rather than sensitive data, like protected health information. Both types of data are valued highly on the dark-web, because both can be used for fraudulent activity.

 

Why did Hunters International go through a rebrand?

Hunters International stated that the rebrand followed specific incidents in 2025, but did not specify what happened. It’s possible that they were facing increased law enforcement scrutiny and declining profits.