Skydagger — skydagger.com

Apple Wanted to De-Risk by Moving to India. It Backfired

Apple’s strategic effort to shift production from China to India has exposed the company to unprecedented cyber risks. A ransomware attack on Tata Electronics leaked 630GB of core iPhone 18 Pro data, compromising the tech giant's secretive global supply chain.

July 03, 2026 Ahmet Koçak

Cover Image

Tim Cook opens Apple's first outlet in India, April 18, 2023 - Getty Images

Apple’s strategic effort to insulate its supply chain by shifting production away from China has led to a massive cybersecurity failure in India.

Hackers infiltrated Tata Electronics, a key Indian supplier, and exposed the complete engineering architecture of the upcoming iPhone 18 Pro.

The U.S. technology company has spent years diversifying its manufacturing footprint to mitigate geopolitical and trade risks.

However, this transition to India has severely compromised its historically stringent operational secrecy.

Dark Web Exposure

The ransomware group World Leaks claimed responsibility for the breach on June 12. The organization uploaded more than 200,000 confidential files to a dark web platform.

The 630-gigabyte data dump contains full engineering drawings, base pricing models, and complete lists of component suppliers.

This contrasts sharply with Apple’s tenure at Chinese facilities like Foxconn, where leaks were largely limited to unauthorized factory photographs.

Industry analysts indicate the leak essentially outlines the entire supply chain structure for the iPhone 18 Pro. The exposed data details main circuit board chips, camera modules, and battery components.

The files also reveal internal bidding metrics among competing vendors. This specific intelligence highlights critical vulnerabilities and procurement strategies that Apple actively conceals from rivals and counterfeiters.

The De-Risking Paradox

Apple accelerated its pivot to India following manufacturing disruptions in China in 2020 and escalating U.S.-China trade tensions.

Indian facilities assembled approximately 55 million iPhones in 2025, accounting for a quarter of global production.

Tata Electronics entered the iPhone assembly sector in 2023. The rapid expansion of its responsibilities meant a vast concentration of highly sensitive proprietary data resided within a single external partner.

Security researchers note that accessing this volume of data required compromised internal credentials or weak access controls within the Indian supplier.

Tata Electronics has since restricted internal network access and initiated a forensic investigation.

Broader Corporate Vulnerability

World Leaks operates on an extortion-based model, having previously extracted 1.3 terabytes from Dell and 1.4 terabytes from Nike.

Corporate data remains the primary target, and no consumer payment or user data appears to have been compromised in the Tata breach.

Apple publicly expressed concern regarding the incident, but faces broader operational pressures.

The company already implemented early software updates in June to counter artificial intelligence cyber threats and raised hardware prices by up to 30 percent amid a global chip shortage.

The breach fundamentally challenges the viability of Apple’s current manufacturing expansion strategy.

It demonstrates that mitigating geopolitical risk in China has inadvertently created acute cybersecurity vulnerabilities within its new Indian manufacturing hubs.