The UK government has reached out to Indian IT outsourcer Tata Consultancy Services (TCS) seeking answers from CEO Krithi Krithivasan over its alleged involvement in the ongoing cyber attack at Jaguar Land Rover (JLR), which has brought production at the firm to a standstill.
TCS was briefly linked to the Scattered Spider attack on Marks and Spencer (M&S) earlier this year and did conduct its own investigation into whether or not its systems were the initial source of the incident.
However, in June 2025, the IT giant told shareholders that it had found no TCS systems or users were compromised, and no other customers impacted. A representative for the company said the “purview of the investigation does not include TCS”.
Nevertheless, unconfirmed public speculation has continued to link TCS to other intrusions and attacks conducted by Scattered Spider and associated hacking groups, including incidents at Qantas – a TCS customer – and other airlines.
In the letter, Liam Byrne MP, in his capacity as chair of the cross-bench Business and Trade Committee, said he was trying to find out more information about both the JLR cyber attack and the incidents at M&S and Co-op Group. JLR is coincidentally backed by the wider Tata organisation.
Byrne said the Committee was looking to establish more details on TCS’ role as a service provider to all three affected firms – including the scope of services provided to date; whether TCS is conducting or will conduct an internal investigation into the JLR incident; and whether it has conducted or concluded an investigation into the M&S and Co-op incidents and what it found.
Byrne also asked for details of how many UK organisations work with TCS, with a particular emphasis on those working in the 13 sectors that Westminster currently defines as critical national infrastructure (CNI), and the total value of services contracts it holds in the UK.
On Monday 29 September, JLR said it was “taking further steps” in a “controlled, phased restart” of its manufacturing operations, after receiving a £1.5bn loan guarantee from the government.
“We are informing colleagues, retailers and suppliers that some sections of our manufacturing operations will resume in the coming days,” the firm said. “We continue to work around the clock alongside cyber security specialists, the UK government’s NCSC [National Cyber Security Centre] and law enforcement to ensure our restart is done in a safe and secure manner.”
The crisis has led to production shutdowns across JLR – including at its plants in Brazil, India and Slovakia – and caused a series of cascading effects that are being keenly felt across the UK automotive industry.
As Britain’s largest extant carmaker, JLR is a major force in the wider supply chain, and many smaller companies have had to make cuts of their own in response. According to the Business and Trade Committee, at least one JLR supplier had been forced to sell machinery and other assets. Others have been cutting back on staff hours, leaving thousands of workers out of pocket.
TCS had not responded to a request for comment from Computer Weekly at the time of publication.
