NEW DELHI — When a criminal group called World Leaks posted more than 200,000 stolen files on the dark web last month, buried inside that cache were component lists, supplier identities, and photographs of an iPhone model Apple has not yet announced. The data came from Tata Electronics, the Indian conglomerate that now assembles more than a quarter of all iPhones sold globally. On Thursday, India confirmed for the first time that it is investigating.
S. Krishnan, the secretary of India’s Ministry of Electronics and Information Technology, said the breach had been reported to India’s Computer Emergency Response Team, known as CERT-In, and that authorities are actively examining the incident. Krishnan made the government’s first public statement on the matter on the sidelines of a cybersecurity summit organized by the Confederation of Indian Industry in New Delhi. He said the incident had been reported and that authorities are investigating.
The theft, which researchers estimate ran to more than 630 gigabytes of confidential data, was made public when World Leaks claimed responsibility on June 12. The material includes detailed specifications for chips, battery components, and camera modules linked to what appear to be iPhone 18 Pro models, along with the identities of Apple’s component suppliers across at least six file categories. Apple does not disclose that information in its public supplier database. Photographs dated to early 2026, apparently taken inside a Tata facility, show iPhone prototypes undergoing drop-testing.t
The breach reached beyond Apple’s unreleased product roadmap. Documents linked to Tesla, Qualcomm, and TSMC were also found among the material World Leaks published, suggesting the intrusion accessed multiple client file sets rather than targeting Apple data specifically. The full scope of what was taken, and what World Leaks chose not to publish, remains unclear.
Tata Electronics confirmed the incident and said it had restricted access to certain internal systems and brought in an external consultant to conduct a forensic review. Apple said it was concerned and investigating, and that it was working with Tata to implement additional security measures. That is the entirety of what Apple has said publicly, consistent with how the company typically handles supplier incidents: quietly and through back channels, until a regulatory filing or formal hearing compels more on the record. As Al Jazeera reported last week, the breach exposed information Apple would never willingly put in the public domain.

The attack fits the pattern World Leaks has established elsewhere. The group operates a hack-and-leak model: steal data, post it on the dark web, and collect from clients willing to pay to prevent further releases. It struck Dell for 1.3 terabytes of material in July 2025 and Nike for 1.4 terabytes in January 2026. Rajshekhar Rajaharia, a cybersecurity researcher who monitors such criminal groups, noted that hacking manufacturing systems to extort ransom has become very common as attackers seek leverage against companies whose competitive position is embedded in supplier relationships and unreleased product timelines.
Paolo Pescatore, an analyst at PP Foresight who tracks Apple’s supply chain strategy, put the specific risk plainly. The bigger issue, he said, is the exposure of sensitive supplier and component information that Apple would never willingly put in the public domain. He added that a breach of this nature is not usually a smash-and-grab exercise: the depth of what was taken suggests sustained access to Tata’s internal networks rather than a quick extraction targeted at one file set.
The stakes for New Delhi extend well beyond one company’s forensic review. India assembled approximately 25 percent of all iPhones produced globally in 2025, roughly 55 million units, up from 6 percent just four years earlier. Tata Electronics took over Wistron’s India assembly operations in 2023 and has since become central to Apple’s decade-long effort to reduce its dependence on Chinese manufacturing. A second major Apple supplier, Foxconn, has also expanded significantly in India over the same period. India’s growing role as a technology manufacturing and data infrastructure hub has made it a destination not just for hardware assembly but for the full range of foreign technology investment, from cloud infrastructure to semiconductor packaging.
That strategic position carries a corresponding burden. India must now demonstrate that what happens inside its factories is safe from the kind of sophisticated intrusion that put iPhone 18 Pro specifications on a criminal forum before Apple had announced the product’s existence. CERT-In’s investigation is the appropriate opening response. Whether it produces regulatory consequences for contract manufacturers handling foreign intellectual property, including tighter security certification requirements, mandatory breach disclosure timelines, or revised liability frameworks for suppliers, will determine whether New Delhi treats this as a systemic technology risk or an isolated incident.
For context on the supply chain pressures Apple has been managing this year, the company’s pricing changes earlier in 2026 reflected mounting component cost pressures that the industry has not fully absorbed. What the investigation cannot yet answer is whether any of the stolen material has been accessed by Apple’s competitors, whether the breach will alter Tata’s standing as Apple’s preferred Indian assembly partner, or what the remediation timeline looks like internally. The iPhone 18 Pro and Pro Max are still expected in September 2026. The questions the World Leaks cache raises about competitive exposure will resolve against that production clock, whether or not the forensic audit is complete by then.

