India’s Tata Electronics was hit by a significant cyberattack that hackers claim exposed confidential trade secrets belonging to Apple and Tesla. The breach was first reported by Reuters on June 23, 2026, with follow-up coverage from NDTV, Business Today, and Moneycontrol confirming details of the incident.
Tata Electronics is a subsidiary of Tata Sons and manufactures semiconductor components and electronics for major global clients, including Apple and Tesla. The company operates facilities in Hosur and Dholera, India.
What the Hackers Claim to Have
The threat actors behind the breach posted on a dark web forum claiming to have stolen confidential design specifications, supply chain data, and manufacturing process documents related to Apple and Tesla products. The sample data shared publicly includes internal schematics, vendor lists, and what appear to be proprietary testing protocols.
Security researchers at CloudSEK, an Indian threat intelligence firm, analyzed the leaked samples and confirmed they appear to be authentic internal documents. However, CloudSEK noted that some files could be outdated and that the full scope of the breach remains unclear.
Apple’s Response
Apple has dispatched its internal cybersecurity team to investigate the breach, according to Moneycontrol. Sources familiar with the matter say Apple is conducting a thorough audit of what data may have been compromised and may recommend new security requirements for Tata Electronics as a condition of continuing their manufacturing partnership.
Apple has historically taken aggressive action when supply chain partners are breached. In 2024, Apple terminated its relationship with a smaller manufacturing partner in China after a similar data exposure incident.
Tesla’s Position
Tesla has not issued a public statement as of June 24. However, industry sources indicate Tesla’s security operations center was notified within hours of the breach becoming public. The potential exposure of Tesla’s manufacturing data adds another headache for the automaker, which has been expanding its India operations.
How the Breach Happened
Preliminary analysis suggests the attackers exploited a vulnerability in a legacy ERP system that Tata Electronics had not yet migrated to its cloud infrastructure. The attackers reportedly gained initial access through a phishing email targeting an IT administrator, then moved laterally across the network over several weeks before exfiltrating data.
This pattern matches the attack methodology described in a January 2026 report by Mandiant, which warned that Indian manufacturing firms were increasingly targeted due to their role as contract manufacturers for Western technology companies.
Implications for India’s Manufacturing Push
The breach comes at a sensitive time for India’s semiconductor ambitions. The Indian government has committed $10 billion in incentives to attract chip manufacturing, and Tata Electronics is one of the flagship companies in this push. A high-profile security incident at one of the country’s most prominent electronics manufacturers could make global clients more cautious about entrusting sensitive IP to Indian suppliers.
The Indian Computer Emergency Response Team (CERT-In) has reportedly opened an investigation into the incident. Under India’s Digital Personal Data Protection Act, Tata Electronics could face penalties if the breach involved inadequate security measures for protected data.
Cybersecurity firms report that attacks on Indian manufacturing firms increased 67% in Q1 2026 compared to the same period last year.
