A key Indian Apple manufacturing partner on Monday admitted that it was recently hit with a cyberattack that resulted in confidential Apple documents being leaked on the dark web.
Tata Electronics said it had detected a “cybersecurity incident,” after security researchers told Reuters that ransom group World Leaks had shared more than 200,000 files belonging to customers, including Apple and Tesla.
“A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our systems. Our response protocols were deployed immediately, and the incident has had no impact on our operations across businesses, which remain unaffected,” Tata Electronics told Reuters in a statement.
While Apple has yet to comment on the leak, a “source familiar with the matter” told Reuters that Apple was conducting its own investigation into the breach, with a full analysis.
The hackers are believed to have sent a ransom demand to Tata, but the group declined to comment.
Much of the leaked documents reportedly contain designs for components, as well as specification papers. The report says one 52-page Apple document includes proprietary markings, as well as details about quality inspection standards for iPhone circuit board components. Among the purloined files are emails, event logs spanning multiple years, and copies of employees passports.
Reuters was unable to verify any of the documents, which have been available on the dark web since at least June 10. The dark web is beyond the reach of traditional search engines.
This breach is just the latest in a series of setbacks for Apple assembly partner Tata, as it is also currently facing a health probe over the alleged contamination of farmlands near one of its iPhone parts plants.
An Indian state health authority is reportedly investigating how liquid discharged from Apple supplier Tata’s iPhone components factory has affected farmers, some of whom complained about skin issues from contamination in their farmlands.
