This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/c4gqepe5355o
The article has changed 4 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| M&S hackers claim to be behind Jaguar Land Rover cyber attack | M&S hackers claim to be behind Jaguar Land Rover cyber attack |
| (about 2 hours later) | |
| A group of young English-speaking hackers are claiming to be behind the cyber attack which has halted the global production lines of Jaguar Land Rover (JLR). | A group of young English-speaking hackers are claiming to be behind the cyber attack which has halted the global production lines of Jaguar Land Rover (JLR). |
| The group is bragging about the hack on the messaging app Telegram, sharing screenshots apparently taken from inside the car maker's IT networks. | The group is bragging about the hack on the messaging app Telegram, sharing screenshots apparently taken from inside the car maker's IT networks. |
| The gang is also responsible for a wave of cyber attacks on UK retailers including M&S in the spring - and are calling themselves "Scattered Lapsus$ Hunters". | The gang is also responsible for a wave of cyber attacks on UK retailers including M&S in the spring - and are calling themselves "Scattered Lapsus$ Hunters". |
| "Where is my new car, Land Rover," the hackers - who are thought to be teens - posted to taunt the company. | "Where is my new car, Land Rover," the hackers - who are thought to be teens - posted to taunt the company. |
| JLR told the BBC it was aware of the claims and was investigating. | |
| In private text conversations with one of the criminals, who claims to be the spokesperson for the group, they said they are trying to extort the car company for money. | In private text conversations with one of the criminals, who claims to be the spokesperson for the group, they said they are trying to extort the car company for money. |
| But the hacker would not say if they have successfully stolen private data from JLR or installed malicious software onto the company's network. | But the hacker would not say if they have successfully stolen private data from JLR or installed malicious software onto the company's network. |
| The hacker wouldn't provide any more evidence they are responsible for the hack - and they are known to lie to get attention. | The hacker wouldn't provide any more evidence they are responsible for the hack - and they are known to lie to get attention. |
| But two images posted by the group show apparent internal instructions for troubleshooting a car charging issue and internal computer logs. | But two images posted by the group show apparent internal instructions for troubleshooting a car charging issue and internal computer logs. |
| One security expert has speculated the screenshots suggest the criminals have access to information they should not have. | One security expert has speculated the screenshots suggest the criminals have access to information they should not have. |
| "Based on the information provided by the attackers and open source intelligence, the attack has access to JLR's internal systems and network," security researcher Kevin Beaumont said. | "Based on the information provided by the attackers and open source intelligence, the attack has access to JLR's internal systems and network," security researcher Kevin Beaumont said. |
| A spokesperson for the Information Commissioner's Office said: "Jaguar Land Rover has reported an incident and we are assessing the information provided." | A spokesperson for the Information Commissioner's Office said: "Jaguar Land Rover has reported an incident and we are assessing the information provided." |
| 'Took immediate action' | 'Took immediate action' |
| Car production at sites including the Halewood plant in Merseyside and another in Solihull have been heavily disrupted since the attack was discovered on Sunday. | Car production at sites including the Halewood plant in Merseyside and another in Solihull have been heavily disrupted since the attack was discovered on Sunday. |
| Staff have been sent home and JLR has said it's working to get manufacturing back online. | Staff have been sent home and JLR has said it's working to get manufacturing back online. |
| The company has not disclosed the nature of the attack. | The company has not disclosed the nature of the attack. |
| "We took immediate action to mitigate its impact by proactively shutting down our systems, it said in a statement. | "We took immediate action to mitigate its impact by proactively shutting down our systems, it said in a statement. |
| "We are now working at pace to restart our global applications in a controlled manner. | "We are now working at pace to restart our global applications in a controlled manner. |
| "At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted." | "At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted." |
| The hackers chose the name Scattered Lapsus$ Hunters to reflect the merging of various youth-orientated cyber criminals who are all associated with a network called The Com. | The hackers chose the name Scattered Lapsus$ Hunters to reflect the merging of various youth-orientated cyber criminals who are all associated with a network called The Com. |
| Earlier this year the National Crime Agency warned of the growing threat from cyber criminals in The Com. | Earlier this year the National Crime Agency warned of the growing threat from cyber criminals in The Com. |
| The newly named group is a mixture of hackers who have been part of the groups Shiny Hunters, Lapsus$ and Scattered Spider - all notorious young hacking groups of the last few years that emerged from The Com. | The newly named group is a mixture of hackers who have been part of the groups Shiny Hunters, Lapsus$ and Scattered Spider - all notorious young hacking groups of the last few years that emerged from The Com. |
| The Telegram channel used by the criminals now has nearly 52,000 subscribers. The group has been bragging about hacks and sharing incomprehensible in-jokes for days. | The Telegram channel used by the criminals now has nearly 52,000 subscribers. The group has been bragging about hacks and sharing incomprehensible in-jokes for days. |
| It's the fourth such Telegram channel as previous ones have been closed down. | |
| Scattered Spider is name of a loosely linked group of hackers responsible for high profile attacks on M&S, Co-op and Harrods in April and May. | Scattered Spider is name of a loosely linked group of hackers responsible for high profile attacks on M&S, Co-op and Harrods in April and May. |
| In July the National Crime Agency arrested 4 people in connection to the hacks. | In July the National Crime Agency arrested 4 people in connection to the hacks. |
| A 20-year-old woman was arrested in Staffordshire, and three males - aged between 17 and 19 - were detained in London and the West Midlands. All have since been released on bail. | A 20-year-old woman was arrested in Staffordshire, and three males - aged between 17 and 19 - were detained in London and the West Midlands. All have since been released on bail. |
| Sign up for our Tech Decoded newsletter to follow the world's top tech stories and trends. Outside the UK? Sign up here. | Sign up for our Tech Decoded newsletter to follow the world's top tech stories and trends. Outside the UK? Sign up here. |