India investigates Tata Electronics data breach exposing iPhone 18 secrets
Government officials have launched an investigation into Tata Electronics following a ransomware attack by World Leaks. The breach exposed sensitive manufacturing specifications for Apple’s iPhone 18 and components for Tesla.
The government of India has officially launched an investigation into a large-scale data breach at Tata Electronics, a manufacturing partner for Apple. S. Krishnan, secretary at the Ministry of Electronics and Information Technology, confirmed the government’s involvement on Thursday, July 3, 2026. This announcement represents the first public comment from Indian officials regarding the incident.
Scope and Nature of the Compromise
The breach is attributed to a ransomware collective known as World Leaks, which reportedly exfiltrated more than 630 gigabytes of data. Security researchers discovered that the group published upwards of 200,000 files on the dark web. Documentation indicates that this data has been accessible online since at least June 10, 2026. The stolen cache includes internal emails, multi-year event logs, employee passport copies, and extensive manufacturing specifications.
Media additions
For Apple, the leak provides rare access to proprietary information regarding its supply chain. The compromised files reveal which specific vendors are contracted to produce individual components for the iPhone 18 Pro — a level of detail the company does not share in its public supplier database. Among the recovered materials are documents labeled com.apple.factorydata
and a 52-page file detailing quality inspection standards for circuit board components. Some items within the cache carried footers explicitly stating they contain proprietary information of Apple Inc.
The impact extends beyond the smartphone industry. The leaked data includes documents tied to Tesla, Qualcomm, and TSMC. For Tesla, the files reference components for a refreshed version of the Model 3 and a chargeport controller for a revamped Model Y SUV. Certain documents related to the automotive manufacturer were marked TRADE SECRET
and dated as recently as 2023.
Operational and Security Implications
Tata Electronics confirmed the cybersecurity incident, stating that its internal response protocols were deployed immediately upon detection. The company maintains that its business operations remain functional. To address the aftermath, Tata Electronics has engaged a global consultant to perform a forensic audit.
In 2025, India assembled approximately 55 million iPhones, accounting for about one in four units globally. Paolo Pescatore of the advisory firm PP Foresight noted that such breaches typically suggest long-term access rather than a single event. He stated that the incident demonstrates that cybersecurity is only as strong as the weakest link in a global supply chain.
This incident is not the first major security challenge for the broader Tata conglomerate. In 2025, its subsidiary, Jaguar Land Rover, experienced a ransomware attack that halted production for six weeks. Experts warn that manufacturing firms are increasingly targeted by groups utilizing a hack-and-leak
model, where attackers threaten to release sensitive volumes of proprietary data to extort financial settlements.
Timeline of Developments
- June 10, 2026: Stolen data from Tata Electronics becomes accessible on the dark web.
- June 12, 2026: World Leaks claims responsibility for the breach.
- July 3, 2026: India’s Ministry of Electronics and Information Technology announces that it is investigating the matter through the Computer Emergency Response Team.
What to Watch Next
The investigation is currently under the oversight of India's Computer Emergency Response Team. The involvement of World Leaks — a group previously linked to breaches at companies such as Nike and Dell, indicates an ongoing attempt to pressure the company through the continued threat of exposure.