The Jaguar Land Rover cyberattack that has shuttered production lines since September 1 will extend for at least another week, and some observers warn that the effects could linger well beyond then.
With fears growing that the crisis at JLR could lead to thousands of layoffs, some have called for UK government intervention to aid workers affected by the unspecified cyberattack.
JLR’s supply chain supports more than 100,000 jobs in the UK, and “sits at the top of a pyramid of suppliers, many of whom are highly dependent on the carmaker being their main customer,” the BBC reported today.
Indeed, JLR supplier Autins Group saw its stock plunge by more than 50% at the start of London trading today after the company warned that the JLR cyberattack “has had a material effect on the Group’s UK operations.” The stock closed the day down 25%.
In a statement, Autins CEO Andy Bloomer said, “The JLR cyberattack is concerning not just for Autins, but the wider automotive supply chain the true impact of which will not be known for some time. Autins is doing everything possible to protect our business now and ensure we are ready to benefit as we come out the other side.”
Jaguar Land Rover Cyberattack Attributed to Scattered Lapsus$ Hunters
The attack has been attributed to the Scattered Lapsus$ Hunters threat group – which claimed to cease operations after the attack but may have already launched new attacks targeting the financial industry, according to new threat intelligence reporting.
The BBC reported today that JLR has told suppliers that production at its factories will not resume until September 24 at the earliest, “but industry sources have warned disruption could last into November.”
However, the news organization noted that JLR has dismissed reports of extended operational disruption as “speculation.”
The shutdown is costing JLR at least £50m a week in lost production, and the company would normally build more than 1,000 cars a day, the BBC said. JLR, which is owned by India’s Tata Motors, also has factories in Slovakia, China and India.
In a September 16 update on the incident, JLR stated, “Today we have informed colleagues, suppliers and partners that we have extended the current pause in our production until Wednesday 24th September 2025.
“We have taken this decision as our forensic investigation of the cyber incident continues, and as we consider the different stages of the controlled restart of our global operations, which will take time.
“We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.”
The company has also admitted that some data may have been viewed or stolen in the cyberattack.
JLR Cyberattack Shows How Damaging Attacks Can Be
The JLR cyberattack shows how much the damage from an attack can linger, in addition to underscoring the need for strong cybersecurity, incident response, and contingency plans.
Another recent UK cyberattack, on Colt Technology Services, also highlights the lingering damage from a cyberattack.
According to security researcher Kevin Beaumont, Colt may not completely recover from its August attack until November or December.
Related
Source link
