A digital assault crippled Jaguar Land Rover for nearly a month, bringing factories to a halt across continents. The situation became so critical that the British government stepped in, working to stop an even deeper collapse for the automaker.
Global Manufacturing Grinds to a Halt
On August 31, Jaguar Land Rover had to shut down most of its systems. This was a direct response to a cyberattack that seized its production lines. The impact was immediate: factories in the United Kingdom fell silent. This shutdown quickly spread to international production centers. Thousands of employees found themselves unable to work. The company now faces a slow, difficult path to resuming full operations. The Guardian reported on the company’s restart plans.
The company’s first public statement came on September 2. They referred to it as a "cyber incident." They also stated there was no proof of any data being stolen. Initially, JLR thought the shutdown would only last a few days. The reality was far worse. The halt continued until September 24, as noted in a JLR statement. Then, it stretched for another week beyond that, as an update confirmed on JLR’s media site.
The Attack’s Far-Reaching Impact
The preventative system disconnect went beyond just stopping car production. It also froze internal tools for design, management, and engineering. The company’s sales network faced similar issues. Retail and logistics channels were blocked. This forced teams to switch to outdated manual processes. Dealerships stayed open, but new ways for deliveries and payments had to be quickly set up.
The incident caused a chain reaction around the world. Factories in Slovakia, Brazil, and India also shut down, mirroring the situation in the UK. The effects hit JLR’s supply chain hard. Many suppliers found themselves with no new orders. Investigations suggest this was a ransomware attack. Groups like Scattered Spider, Lapsus$, and ShinyHunters are among the suspected culprits. Photos of JLR’s internal systems appeared on Telegram channels. This evidence strongly supports the idea of extortion.
Costly Recovery and a Wake-Up Call
The National Cyber Security Centre (NCSC) and other private firms are working to uncover details of the breach. The government is keeping a close watch on their progress. Recovery is happening in careful stages. JLR is focusing on getting critical systems back online first. These systems are tested thoroughly in safe environments before production restarts.
The financial damage is staggering. Experts estimate each week of lost production cost about £50 million, which is roughly €59 million. Financial agency Moody’s shifted JLR’s outlook from "positive" to "negative." To help ease the strain, the British government offered £1.5 billion in loan guarantees. JLR also secured another £2 billion from commercial banks.
This incident shows how exposed even the biggest car makers are. It took Jaguar Land Rover nearly a month to get back on its feet after the cyberattack. This serves as a strong warning for all industries. The question is no longer if another attack will happen. It’s when, and how quickly companies can limit the damage.