Jaguar Land Rover (JLR) has confirmed a cyber-attack that severely disrupted vehicle production and retail operations, forcing the company to proactively shut down its IT systems to contain the incident.

The attack, which began on Sunday, comes during a critical period for UK auto sales as new registration plates became available on September 1st—traditionally a high-demand period for new vehicle deliveries.

The company, owned by India’s Tata Motors, assured customers that there is no evidence of data theft but acknowledged significant operational impacts.

Workers at JLR’s Halewood plant in Merseyside were instructed not to report to work or were sent home as the investigation and recovery efforts continue.

The attack mirrors recent ransomware incidents targeting major UK retailers like Co-op and Marks & Spencer, though JLR has not confirmed whether extortion was involved.

This disruption compounds existing challenges for JLR, which recently reported declining profits due to rising costs linked to U.S. tariffs and supply chain constraints.

The halt in production could delay vehicle deliveries and affect quarterly financial performance, particularly if systems remain offline for an extended period.

JLR’s response highlights growing vulnerabilities in automotive manufacturing, where interconnected IT systems control everything from assembly lines to customer communications. The industry has become an increasingly attractive target for cybercriminals seeking leverage over high-value operations.

The company is working to restore systems in a controlled manner but has not provided a timeline for full recovery.

The incident underscores the need for robust cybersecurity measures in modern manufacturing, especially as automakers integrate more digital technologies into their production and sales processes.

Source: BBC