Tata Electronics confirms a breach as World Leaks dumps 630GB of Apple supplier files

Tata Electronics has confirmed it was breached, and a data-extortion group is publishing the files. The company told BleepingComputer that it "identified a cybersecurity incident on some of our systems" a few weeks ago, that its "response protocols were deployed immediately," and that operations across its businesses were unaffected. That last part is probably true. It is also the least interesting thing about the incident.

Tata Electronics is the Tata Group's electronics and semiconductor arm, founded in 2020, now one of the larger contract manufacturers assembling iPhones and iPhone components in India. The group claiming the data is World Leaks, which posted directories it says came from Tata: component schematics, PCB designs, material specifications, and SDK files, roughly 630GB in all.

Start with what World Leaks is, because it explains the shape of the leak. It does not encrypt anything. It steals files and threatens to publish them, and it is widely treated as a rebrand of Hunters International, the ransomware crew that wound down in July 2025. Same playbook, minus the encryptor. Earlier targets include Dell, which confirmed a breach of a test-lab platform in July 2025, and Nike, which the group claimed to have hit for 1.4TB in January 2026. A pure-extortion operation keeps its best material in reserve, because the leverage is the part it has not posted yet. Hold that thought while reading the file list.

What is actually in the dump

AppleInsider went through the leaked files and authenticated the sensitive ones: logic board schematics for the iPhone 18 Pro and 18 Pro Max, data sheets for the A20 Pro (codenamed Borneo), the full set of Apple part numbers for iPhone 18 Pro components, and documentation for Apple's in-house C2 modem (codenamed Ganymede). The schematics show the board layouts across multiple layers and name the suppliers for individual chips. The files carry the markings of real Apple design documentation, many created in Siemens NX. So the genuinely confidential material is real, and it is in there.

The 630GB number is doing a lot of work, though. By AppleInsider's account, most of the haul is quality-control paperwork, hardware-test records, NonUI internal iOS builds, and assembly-line documentation. The high-resolution imagery and drop-test videos in the set are of the iPhone 17 Pro and the base iPhone 15, both of which have been on sale for a while. There is a single stray reference to the foldable iPhone (internal identifier V68) and nothing else on unreleased hardware past the 18 Pro. The widely repeated "A20 Pro specs" come down to inferences from a data sheet, an improved image signal processor and some display-security changes, not an Apple roadmap.

The part Tata got right

Buried in the analysis is a detail worth pulling out. Files listing component configurations had their color options redacted because of NDAs, a precaution AppleInsider notes even Foxconn has not always taken. That is a manufacturer that compartmentalized its most sensitive fields before anyone broke in. It is the difference between losing a warehouse and losing a warehouse where the safe was already emptied.

Why a contract assembler holds logic board schematics, marketing art, and drop-test videos on internet-reachable systems at all is the question that should outlast the iPhone-spec screenshots. The most valuable data in a modern hardware company increasingly sits on a supplier's file share, which means the supplier's security is now your security. This is the second time in two months that Apple design data has come out of a manufacturing partner. A May 2026 attack on Foxconn's North American facilities took server and schematic files, and by AppleInsider's read that haul was worth less than this one.

What this is not

This is a theft of documents. It is not a flaw in any shipping product. There is no CVE here, no exploit running against iPhones in the wild, nothing an owner needs to patch. The exposure is competitive and reputational: someone now holds board layouts and part numbers for a phone that is still months from sale, and reporting from TechRadar and Cybernews indicates the same dump touches files tied to Tesla, another Tata customer. Apple is investigating, and Tata reportedly received a ransom demand. Whether World Leaks holds the more damaging iPhone 18 Pro files back as leverage or dumps them to prove a point is the thing to watch, and that is a business decision on their end, not a technical one.