Jaguar Land Rover (JLR) has officially confirmed that a major cyberattack in August resulted in the theft of sensitive personal data belonging to current and former employees.
This disclosure marks the luxury automaker’s first public admission regarding the full scope of the incident, following a month-long production shutdown that cost the company hundreds of millions in revenue.
Production Paralysis and Financial Toll
The cyber incident, which began in early August, severely impacted JLR’s manufacturing capabilities across the United Kingdom.
According to CyberSecurityNews, IT systems were locked out, forcing factories in Solihull, Halewood, and Castle Bromwich to halt operations completely.
The disruption lasted for over a month, delaying vehicle deliveries and causing significant financial damage.
According to reports, the production standstill resulted in total losses exceeding $890 million. Quarterly losses alone were inflated to approximately £342 million ($442 million) due to the inability to manufacture or deliver vehicles during the lockout period.
While JLR has not officially identified the specific attack vector, industry speculation suggests phishing or vulnerabilities in legacy systems may have been exploited.
An internal email obtained by The Telegraph revealed that the breach specifically targeted Human Resources data.
The compromised information includes employment records essential for payroll and benefits administration.
Personal details such as names, home addresses, salaries, and National Insurance numbers were exposed.
The data theft affects not only current staff but also former employees, contractors, and potentially their dependents.
This exposure significantly heightens the risk of identity theft and targeted fraud for those involved.
However, JLR explicitly stated that there is no evidence suggesting customer or vehicle data was stolen during the attack.
JLR has notified the Information Commissioner’s Office (ICO) and other relevant regulators about the breach.
The company has apologized for the incident and is offering complimentary credit and identity monitoring services to impacted individuals.
“We are committed to supporting all current and former employees and contractors,” a spokesperson stated, confirming that a dedicated helpline has been established.
Operations were fully restored by late September, though analysts predict the financial aftershocks may linger into 2026.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.