In late August, Jaguar Land Rover (JLR), the UK’s largest automotive employer, began experiencing significant disruptions due to a suspected cyber-attack. Initial signs emerged at a factory in Halewood, Merseyside, where managers alerted industry contacts to potential hacking. By Monday morning, JLR had shut down its systems upon realizing the severity of the situation. As of now, production at factories in the UK, Slovakia, Brazil, and India remains halted, while a joint venture in China continues operations.
The financial implications of the attack are substantial, with estimates suggesting costs could reach hundreds of millions of pounds. This disruption has heavily impacted JLR’s supply chain, particularly affecting suppliers around its headquarters in Gaydon and the Solihull factory, known for producing Range Rovers. The UK government is facing requests for financial assistance to support suppliers at risk of bankruptcy.
Daily communication between JLR and the Department for Business and Trade is underway, while the National Cyber Security Centre has been providing support. The company’s workforce morale has deteriorated due to the protracted shutdown, with no clear date for resuming operations. JLR has implemented workarounds to facilitate payments and maintain customer service despite system outages affecting essential software.
Chief Executive Adrian Mardell, who was scheduled to step down, is now engaged in crisis management alongside government officials. The attack raises questions about the cybersecurity measures employed, especially since significant portions of JLR’s IT infrastructure are managed by Tata Consultancy Services (TCS), which was awarded an £800 million contract in 2023.
Furthermore, the attack’s nature is unclear, with speculation tying it to similar incidents affecting other companies, potentially indicating a common threat actor. JLR has not confirmed whether it is a ransomware attack, which has been suggested by prior incidents involving TCS. Meanwhile, JLR has substantial cash reserves, potentially allowing it to navigate this crisis, although the future of numerous suppliers remains uncertain as production delays persist.
Source: https://www.theguardian.com/business/2025/sep/20/jaguar-land-rover-hack-factories-cybersecurity-jlr