First Foxconn, now Tata — Apple suppliers keep getting hacked

5gDedicated

The recently reported cyberattack against Tata Electronics is shaping up to be one of the most consequential attacks exposing important trade secrets belonging to Apple and, conceivably, other clients, including a slew of details about the upcoming iPhone 18 Pro. The attack follows May’s assault against key Apple manufacturing partner Foxconn.

World Leaks iPhone 18 Pro

Hackers from the ransomware group World Leaks managed to penetrate systems belonging to Apple’s most important manufacturing partner in India to exfiltrate hundreds of documents, including drop test videos, schematics, design details — even specifics about Apple’s C2 modem design. 

Reuters confirmed last week’s Apple Insider scoop that the leaked documents also included the purported board layouts for the iPhone 18 Pro and 18 Pro Max, as well as data sheets for the rumored A20 Pro chip.

The data reveals some of this year’s colors, including a red, dark cherry, and gray, and indicate that the basic design remains the same, albeit with a slightly wider camera bump. They also suggest the upcoming high-end iPhone is a little thicker than current models and hint at a smaller Dynamic Island.

A brand new processor design

But the leaks also show something far more interesting: Apple is adopting a new processor design in the A20, a design that promises up to 20% additional performance and even more effective battery management. 

That’s thanks to Apple’s adoption of TSMC’s new Wafer-Level Multi-Chip Module (WMCM) packaging technology. What’s good about this tech is that it places the RAM alongside the SoC within the same package. 

The current design sees the RAM placed on top of the SoC, which is slightly less efficient and runs hotter. This informative image helps explain the difference between the two designs; essentially, the new architecture should reduce heat dissipation and speed up communication between the two components. 

That results in better performance and power efficiency and also means the vapor cooling system inside Apple’s upcoming pro iPhones can work more efficiently to reduce heat dissipation. While no one knows for sure, some estimates claim this new WMCM packaging should enable 15-20% performance boost, even before we consider the improved efficiency inherent in the new A20 chip.

A huge data heist

All of this information is carried within the 200,000+ files (630GB) World Leaks published on its dark web site. The data also includes confidential Apple supplier list info, detailed information concerning the circuit board, battery parts, and camera modules – even confidential information about which suppliers are competing to supply specific components. These are all confidential trade secrets the company is unlikely to want public, as they give rivals rare insight into how the company’s supply chain is structured.

Apple’s own crack team of security specialists is now involved in investigation of the attack, while Tata Electronics says it has restricted internal access and is engaged in a forensic investigation of the attack. 

Manufacturing is under attack

The scale of the attack is significant — so much so that it suggests the attackers engaged in extensive work to compromise the systems at Tata. This might have involved targeted attacks on employees, phishing, exploitation of weak access controls, the use of stolen credentials, and more. The attack point is unlikely to have been via Apple, but through a less protected supplier. 

There’s no doubt this leak is one of the worst to have hit the company, including the pre-release iPhone 4 left in a Redwood, CA nightclub that was then sold to a tech website. About the best thing to say about both leaks is that they help stoke up pre-release interest in an upcoming iPhone.

In truth, the story should be a wake-up call to business users that when it comes to system security, they are only ever as safe as the weakest link in their supply chain. This is particularly true in manufacturing. The IBM X-Force Threat Intelligence Index 2025 described manufacturing as the most targeted industry across four successive years.

Expect more such attacks with AI

Today’s sophisticated attackers are very accustomed to crafting multi-stop attack chains to get what they want, and World Leaks successfully attacked several larger enterprises, including Dell and Nike in recent months. 

Did this attack rely on AI? It’s not impossible, given Apple’s rush release of a security update designed to patch numerous vulnerabilities covering maliciously crafted web content and malicious web extensions, data exfiltration and sensitive data leakage, hijacked clipboard data, and more.

“It cuts both ways. The same AI helping researchers find these flaws is helping attackers exploit them faster, so expect more frequent updates, not fewer bugs, and the advantage shifts to whoever deploys the fix fastest,” said Adam Boynton, senior enterprise strategy manager for Jamf.

Please join me on social media at BlueSky,  LinkedIn, or Mastodon, and do subscribe my daily human-curated Apple news headline summary on Substack.First Foxconn, now Tata — Apple suppliers keep getting hacked – ComputerworldRead More