Source linked

World Leaks Dumps Apple Manufacturing Schematics in Tata Electronics Hack

bleepingcomputer.com@proud_otteryesterday·Cybersecurity·6 comments

The extortion-only group leaked PCB designs and SDK files from the Apple iPhone supplier, weeks after the breach.

tata electronicsappleworld leakshunters internationaldata extortioncybersecurity

A ransomware group that dropped data encryption now just steals and leaks - and Tata Electronics just found out the hard way.

World Leaks, the rebranded Hunters International crew that wound down operations in July 2025, dumped directories containing alleged Apple manufacturing data from Tata Electronics. We're talking internal component schematics, PCB designs, material specifications, and SDK files. Tata confirmed the breach to BleepingComputer, saying a few weeks ago they identified a cybersecurity incident on some systems. Operations, they claim, ran normally.

Why World Leaks Ditched the Ransomware

Hunters International used encryptors. World Leaks doesn't. Pure data extortion: steal the files, threaten to leak, collect the check. No encryption means lower noise, fewer forensic artifacts. Their trophy case includes Dell (confirmed breach July 2025) and Nike (1.4 TB of files alleged stolen January 2026). Tata is the latest scalp. If you're manufacturing Apple iPhones and iPhone components, you're a high-value target.

What the Leak Tells Us About Apple's Supply Chain

The leaked data includes PCB designs and SDK files - material that sits deep inside a supplier's engineering systems. Tata Electronics, founded in 2020, quickly became one of India's largest tech manufacturers, producing and assembling Apple hardware. A leak of this specificity means attackers likely had persistent access to file servers or engineering workstations. Apple hasn't responded to BleepingComputer's inquiry. Whether any proprietary Apple IP was exposed remains unanswered.

Tata's Response: Standard Play, Sparse Details

Tata's statement is textbook: deployed response protocols, no operational impact, no threat actor attribution. They didn't confirm or deny the leak authenticity. World Leaks posted the data, so the assumption is it's real. Tata's next move should be a forensic audit of what exactly was exfiltrated and whether the blast radius covers other Tata Group divisions.

Supply chain attacks aren't going away. When your contract manufacturer holds schematics for unreleased hardware, that data becomes a bargaining chip. Expect every Apple supplier to review their segmentation and vendor access controls - because World Leaks is still active and still hungry.

Source: Tata Electronics confirms cyberattack as hackers leak data
Domain: bleepingcomputer.com

Read original source ->

External source stays available while the OJO article and comment thread stay local.

More in Cybersecurity

view topic
DraftKings Hacker 'Snoopy' Gets 18 Months for $600K Credential Stuffing Heist

Nathan Austad, 21, admitted to compromising 60,000 DraftKings accounts and stealing $600,000; prosecutors say his crypto wallets received $465,000.

Attackers Exploited Cisco SD-WAN Zero-Day to Create 'troot' Root Account

Mandiant reveals attackers behind the Cisco SD-WAN zero-day uploaded a malicious CSV file, created a root account named 'troot', then restored system files and erased all traces.

Global Takedown of Amadey and StealC Cuts Off Cybercrime Assembly Line

A coordinated operation targeting two unrelated malware platforms simultaneously blocked over $47 million in fraud and disrupted the supply chain for credential theft and ransomware.

Edgecution Extension Abuses Native Messaging to Drop Python Backdoor

A malicious Microsoft Edge extension escapes the browser sandbox using Chrome's Native Messaging protocol, deploying a Python 3.13.3 backdoor in a ransomware-linked attack.

Comments load interactively on the live page.