Jaguar Land Rover crisis deepens – disruption expected until November

Jaguar Land Rover’s production has been paused until at least September 24th following a devastating cyberattack that has sent shockwaves through its global supply chain.

The UK-based car manufacturer, which shut down its IT networks to contain the breach, is facing a crisis that industry sources warn could last until November.

The attack, which began on September 1st, has already had a severe financial impact, with JLR’s three UK plants, which produce around 1,000 vehicles daily, losing millions in revenue for each day of downtime.

The disruption has cascaded, forcing suppliers across Europe to scale back or pause their own production, highlighting the interconnected vulnerabilities of the automotive ecosystem.

A hacker group with ties to Scattered Spider, Lapsus$, and ShinyHunters has claimed responsibility for the intrusion, which security experts believe was a “social-engineering” or “vishing” campaign. The group has a history of using such tactics and frequently rebrands to evade law enforcement.

The attack has also become a matter of national debate. Chris McDonald, Minister in the Department of Business and Trade, stated that government cyber experts are supporting JLR to help resolve the issue.

The incident has triggered a debate in the House of Commons, with MPs drawing comparisons to other recent high-profile cyberattacks and raising concerns about the UK’s overall cyber resilience. While JLR has no evidence of customer data theft, the company has acknowledged that “some data” was impacted and has notified regulators.