Production at Jaguar Land Rover (JLR), the UK’s largest car manufacturer owned by India’s Tata Group, is expected to remain suspended throughout this week due to a significant cyber-attack discovered last week. The attack has reportedly affected JLR’s operational systems and is anticipated to cause disruptions until at least October.
In response to the infiltration of its systems, JLR halted production at its sites, including those in Halewood, Solihull, and Wolverhampton. Employees have been instructed to stay home until Tuesday, but they will receive their regular pay and can “bank” their hours for later use. An update for employees regarding the production schedule is expected on Monday, with indications that many will remain off work until at least Thursday.
Several suppliers, including Evtec, WHS Plastics, SurTec, and OPmobility, which collectively employ over 6,000 workers in the UK, have also advised their teams to stay at home. Reports suggest that operations might experience interruptions for most of September. Comparatively, a previous cyber-attack on Marks & Spencer halted online orders for over six weeks, while similar incidents at the Co-op and Harrods were resolved more quickly with limited disruption.
While there is currently no evidence of a data breach concerning personal information, JLR has notified the Information Commissioner’s Office about the attack, highlighting the potential for such access. Operations are reportedly functioning without many digital systems, disrupting access to important databases, such as those for spare parts. Dealerships and repair garages are facing challenges as they resort to manual methods for vehicle registration and spare parts procurement.
A JLR spokesperson confirmed that the company is collaborating with cybersecurity experts and law enforcement to manage the incident. They expressed gratitude for the understanding and support of customers and partners during this difficult period. On a related note, a group of English-speaking hackers claimed responsibility for the JLR attack, with connections to previous retail cyber incidents.
Source: https://www.theguardian.com/business/2025/sep/07/disruption-to-jaguar-land-rover-after-cyber-attack-may-last-until-october