Do Son 
India’s Tata Group has confirmed to Reuters that it recently suffered a cyberattack. Hackers claim they stole confidential Apple and Tesla documents from the company. Tata Electronics provides contract manufacturing for many clients, and Apple and Tesla are among them. So far, Tata has not detailed exactly what data leaked. Apple and Tesla have not commented either.
Hackers Claim 630GB Across 200,000 Files
A group called World Leaks posted the material on its dark-web leak site. The group’s name also serves as its handle. It published what it says are Apple and Tesla component design and specification files from Tata.
According to the site, the haul exceeds 630GB. The full package holds more than 200,000 files. One database is named com.apple.factorydata. Some documents reference the material specifications that Apple uses.
What the Sample Files Show
The sample set also includes documents marked with Apple’s proprietary labels. One 52-page file details the quality-check standards for iPhone circuit board assembly. Another 33 files or folders relate to Hosur. That is the site of Tata’s iPhone assembly plant in Tamil Nadu, India. In other words, some plant documents or process secrets appear in the leak. The Reuters report notes that one folder also referenced a Tesla charge-port controller for North America.
The Leak Ran for Weeks Before Discovery
Notably, Tata did not find this incident on its own. In fact, the hackers had been promoting sample data on the dark web since at least June 10. An Indian security researcher reviewed the sample files. He says they also contain a huge volume of emails, event logs spanning several years, and passport copies of employees, foreign nationals included.
In its official statement, Tata said it had detected a cybersecurity incident in some systems a few weeks ago. The company deployed its response plan right away. According to Tata, the event caused no impact on Tata Electronics operations. None of the group’s businesses were affected.
A Ransom Demand and an Uneasy Choice
Still, Tata Electronics confirmed it received a ransom demand from the attackers. The company did not reveal the amount. As a rule, if a victim refuses to pay, the stolen data goes public. For Apple and Tesla, that outcome would be hard to accept. So it remains unclear whether Tata will pay to keep the client data private.
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
