Apple iPhone 18 Pro secrets leaked in Tata Electronics hack: What we know
Documents and photos are stolen from Apple’s Indian supplier. How does this impact the US tech giant? Hackers have stolen more than 630 gigabytes of
Documents and photos are stolen from Apple’s Indian supplier. How does this impact the US tech giant? Hackers have stolen more than 630 gigabytes of confidential data from Tata Electronics, one of Apple’s key suppliers in India, and then released the documents, exposing details of parts, supplier information and photos of the iPhone 18 Pro, which is to launch in September. Tata Electronics is a major global electronics manufacturing company for companies such as Apple and Tesla. Reports said the ransomware group World Leaks is behind the publication of the stolen data files. The breach offers a rare insight into something Apple has guarded for years – how its global supply chain actually works. Apple said it is concerned about the leak and is investigating it. Here’s what we know about the leak and why it matters What do we know about the leak? World Leaks claimed responsibility for the breach on its dark web leak site on June 12, posting more than 200,000 files totalling over 630 gigabytes, according to the Reuters news agency. Tata Electronics confirmed the cybersecurity incident publicly. The files include detailed information on the iPhone 18 Pro from chips on its main circuit board to battery parts and camera modules and which supplier provides what part. There’s also information on which suppliers are competing for contracts to provide specific parts – details that could reveal where Apple is vulnerable and where the tech giant has the power to choose between multiple vendors. Paolo Pescatore, founder and analyst at the technology research and advisory firm PP Foresight, said the leak has exposed more than just the specific images of the iPhone 18 Pro.
“The bigger issue is the exposure of sensitive supplier and component information that Apple would never willingly put in the public domain,” he told Al Jazeera. “It potentially gives rivals, suppliers, counterfeiters and bad actors a rare glimpse into how Apple’s supply chain is structured and where it may be exposed.” How did the leak happen? Tata Electronics said it has restricted internal access and is reportedly conducting a forensic investigation into the leak. But Pescatore said, “A breach of this nature is not usually a smash-and-grab exercise.” To access this volume and type of data, he said, attackers “typically need a foothold inside the organisation, compromised credentials, weak access controls or the ability to move across internal systems undetected”. This access need not be within Apple itself but – as appears to have been the case in this instance – within a supplier. “That underlines how cybersecurity is now only as strong as the weakest link in the supply chain,” he said. What is World Leaks? It’s a ransomware group that follows what’s known as a “hack-and-leak” model: Victims are extorted to pay up or risk the leakage of large volumes of hacked data. World Leaks is known for targeting large firms. In July last year, it stole 1.3 terabytes of data from Dell, which the company downplayed, saying it was not sensitive data. And in January, it claimed to have stolen 1.4 terabytes of Nike’s data. Who is affected? The data stolen from Tata Electronics are mostly corporate information. There is no indication yet that consumer payment details or data from any Apple users were stolen.
