Tata Electronics has tightened access to its internal systems and launched a forensic investigation after a cyberattack exposed thousands of confidential client files on the dark web, according to people familiar with the matter, raising new concerns about cybersecurity within Apple’s expanding supply chain in India.
The company, one of Apple’s most important manufacturing partners outside China, has also informed the Indian government and affected customers while hiring an international cybersecurity consultant to conduct an independent forensic audit, a source with direct knowledge of the investigation said.
The security measures come after ransomware group World Leaks claimed responsibility for publishing more than 200,000 files allegedly stolen from Tata Electronics. The leak reportedly includes engineering documents and confidential technical information linked to several major technology companies, including Apple, Tesla, Taiwan Semiconductor Manufacturing Co. and Qualcomm.
Reuters previously reported the existence of the leaked database but could not independently verify the authenticity of the documents.
Tata Electronics has publicly acknowledged that it identified what it described as a cybersecurity incident, while maintaining that manufacturing operations have not been affected.
As investigators continue examining the breach, Tata has significantly tightened internal security procedures across its offices and manufacturing facilities.
According to three people familiar with the company’s response, remote access to sensitive internal systems—including procurement platforms used for purchase orders and other critical operational tools—is now limited to a select group of authorized employees.
Previously, a broader range of personnel could access those systems remotely.
Although employees may still work from home where appropriate, only specifically authorized staff members can now connect to highly sensitive corporate platforms.
“Tata Electronics has hardened access to its sensitive internal systems,” one source said. “The investigation is ongoing.”
The tighter controls apply across Tata Electronics’ operations rather than being limited to individual manufacturing plants.
Another industry official said the company has also strengthened authentication and network security requirements for employees connecting from outside corporate facilities, reducing the risk of unauthorized access during the ongoing investigation.
According to one source, Apple’s own security team is working closely with Tata Electronics on both immediate mitigation efforts and longer-term cybersecurity improvements designed to strengthen protections throughout the supplier’s operations.
Neither Tata Electronics nor Apple responded to requests for comment regarding the investigation.
Taiwan Semiconductor Manufacturing Co. and Qualcomm also did not comment.
India’s Computer Emergency Response Team, which reportedly received Tata’s incident report, likewise did not immediately respond to inquiries.
The leaked material appears to extend beyond Apple-related information.
Reuters found at least 16 files or folders allegedly connected to TSMC and 23 linked to Qualcomm within the database published by World Leaks.
Among the documents reviewed by Reuters was a file marked “TSMC Secret” containing what appeared to be product reliability testing information accompanied by component photographs.
Another document attributed to Apple’s Silicon Engineering Group reportedly linked Apple component identification numbers with corresponding TSMC part numbers while including revision histories identifying Apple employees.
The leak also contained an alleged confidential Qualcomm engineering document detailing the design and operation of a power management integrated circuit.
Reuters could not independently confirm the authenticity of any of those materials.
World Leaks said the stolen database contains more than 204,000 files totaling approximately 630 gigabytes of data.
The group’s website, which is accessible only through the dark web, could not immediately be reached for additional comment.
The incident represents another challenge for Tata Electronics as the company rapidly expands its role in global electronics manufacturing.
Led by Chief Executive Randhir Thakur, a former executive at Intel and Applied Materials, Tata Electronics has become central to Apple’s strategy of diversifying iPhone production beyond China.
Industry estimates indicate India could manufacture roughly 26% of the world’s iPhones this year, compared with just 6% four years earlier, reflecting Apple’s accelerated supply chain shift.
The cyberattack also follows other recent operational challenges for the Tata Group.
Last year, Jaguar Land Rover, another Tata-owned company, suffered a cyberattack that disrupted production for several weeks.
Separately, Tata Electronics has faced scrutiny over environmental concerns surrounding one of its iPhone component manufacturing facilities in India.
For Apple, the latest breach highlights the growing cybersecurity risks facing increasingly complex global supply chains as production expands across multiple countries.
Although there is currently no indication that customer devices or production have been directly affected, cybersecurity experts say attacks targeting suppliers can expose sensitive engineering information, intellectual property and confidential commercial relationships.
With investigators continuing to examine the scope of the breach, Tata Electronics has focused on containing potential risks while strengthening internal safeguards designed to prevent further unauthorized access to its systems.
