World Leaks stole 630GB from Tata Electronics and leaked Apple's iPhone 18 Pro files
World Leaks stole roughly 630GB from Apple assembly partner Tata Electronics and dumped iPhone 18 Pro supply-chain files online. India opened a criminal probe.
World Leaks stole about 630GB of data from Tata Electronics, one of Apple’s key India assembly partners. The extortion crew then dumped iPhone 18 Pro supply-chain files on the dark web, and on July 3 India confirmed it had opened a criminal probe. The haul reaches far past one phone.
What we know
Tata Electronics sits at the center of Apple’s plan to build iPhones outside China, and India now assembles roughly a quarter of the world’s iPhones. That scale is exactly why this breach stings. The stolen documents expose the supplier map, the part sources, and the prototype hardware that Apple has spent years keeping off the record, and they landed in public view instead of a rival’s private inbox. Apple’s product secrets usually trickle out through render leaks and insider tips; a 630GB engineering dump is a different order of exposure. Security researchers say the supplier data is the real prize, well ahead of any spec sheet. The confirmed details line up across several outlets.
- World Leaks posted 204,341 files totaling more than 630GB to its dark web leak site on June 12, according to Al Jazeera.
- The trove holds iPhone 18 Pro component lists, motherboard schematics, camera and battery module specs, supplier identities, and photos of prototype units in drop tests, some stamped Apple “Confidential,” per Tech Times.
- Stolen documents point to Apple’s in-house C2 modem, codenamed Ganymede, shipping in international iPhone 18 Pro units while US models keep Qualcomm silicon, AppleInsider reported from the files.
- Files tied to Tesla, Qualcomm, and TSMC also surfaced in the same dump, which suggests the theft reached beyond Apple.
- India’s IT Secretary S. Krishnan confirmed on July 3 that the incident had reached CERT-In and is under active investigation, Reuters reported.
Apple told reporters it’s concerned about the leak and is investigating, and that it’s working with Tata to add security measures, per Al Jazeera. Tata Electronics confirmed the incident, restricted internal access, and said it’s running a forensic review. Neither company has disputed that the files are genuine.
What we don’t know
Plenty about the 630GB World Leaks dump is still open, and some of it matters more than the phone specs.
- How many of the 204,341 files are unique versus duplicated or already outdated, which decides how much is genuinely sensitive today.
- Whether World Leaks is holding back data it hasn’t published, and whether it named a ransom that Tata refused to pay.
- Whether the Tesla, Qualcomm, and TSMC files came from Tata’s own systems or from a separate victim the group hit.
- Whether any supplier or design data has already been copied by a competitor, which no forensic review can fully rule out.
Who World Leaks is
World Leaks isn’t a new outfit. It launched on January 1, 2025 as a rebrand of Hunters International, the crew that grew out of the Hive ransomware operation the FBI disrupted in 2023, according to SecurityWeek. The group runs an extortion-only playbook: steal the data, skip the encryption, and threaten to publish unless the victim pays. Tata appears to have declined, because the files went public.
India’s response escalated fast. “We are investigating it,” Krishnan told a Confederation of Indian Industry cyber summit on July 3, confirming the breach had been reported to CERT-In, as Reuters relayed. Analysts see the supplier exposure as the lasting damage. “The bigger issue is the exposure of sensitive supplier and component information that Apple would never willingly put in the public domain,” Paolo Pescatore of PP Foresight told Al Jazeera.
What this means for you
If you own or plan to buy an iPhone, the direct risk here is low. No customer accounts, payment details, or user data appear in the dump, only Apple’s manufacturing internals. The people who should worry are Apple, its suppliers, and every brand that leans on contract manufacturers in India. Apple moved production to Tata to cut its dependence on China, and that shift widened the attack surface to partners whose security may not match Apple’s own. Attackers keep finding the soft edge at the supplier that sits one step out from the core product, the same way LastPass leaked customer data through a hijacked vendor. Watch two things next: whether Apple forces a security audit on Tata, and whether the leaked two-modem plan for the iPhone 18 Pro survives to launch. The supplier graph is the target now, and this dump is the blueprint for the next crew that tries it.
Share this article
Sources
- India investigating Tata data leak that exposed Apple iPhone secrets — Reuters
- Apple iPhone 18 Pro secrets leaked in Tata Electronics hack: What we know — Al Jazeera
- iPhone 18 Pro Leak: India Opens Criminal Probe as Stolen Files Reveal C2 Modem Plans — Tech Times
- Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks — SecurityWeek
- iPhone 18 Pro logic board schematics, A20 Pro data sheets, C2 modem files stolen from Tata — AppleInsider