This article is from the source 'guardian' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.theguardian.com/business/2025/sep/16/jaguar-land-rover-production-shutdown-cyber-attack
The article has changed 4 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Jaguar Land Rover extends production shutdown after cyber-attack | Jaguar Land Rover extends production shutdown after cyber-attack |
| (30 minutes later) | |
| Carmaker says it will freeze production until at least 24 September as it continues investigations | Carmaker says it will freeze production until at least 24 September as it continues investigations |
| Business live – latest updates | Business live – latest updates |
| Jaguar Land Rover has extended its shutdown on car production, as Britain’s biggest carmaker grapples with the aftermath of a cyber-attack. | Jaguar Land Rover has extended its shutdown on car production, as Britain’s biggest carmaker grapples with the aftermath of a cyber-attack. |
| JLR said on Tuesday it will freeze production until at least next Wednesday, 24 September, as it continues its investigations into the hack, which first emerged earlier this month. | JLR said on Tuesday it will freeze production until at least next Wednesday, 24 September, as it continues its investigations into the hack, which first emerged earlier this month. |
| The manufacturer said: “We have taken this decision as our forensic investigation of the cyber incident continues, and as we consider the different stages of the controlled restart of our global operations, which will take time. | The manufacturer said: “We have taken this decision as our forensic investigation of the cyber incident continues, and as we consider the different stages of the controlled restart of our global operations, which will take time. |
| “We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.” | “We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.” |
| JLR, which is owned by India’s Tata group, stopped production at its sites after discovering hackers had infiltrated its systems a few weeks ago. | JLR, which is owned by India’s Tata group, stopped production at its sites after discovering hackers had infiltrated its systems a few weeks ago. |
| The company has since found the attack has affected “some data”, although it said that it could not provide more details of which data was affected, or if customers’ or suppliers’ information was stolen, but that it would contact anyone affected. | The company has since found the attack has affected “some data”, although it said that it could not provide more details of which data was affected, or if customers’ or suppliers’ information was stolen, but that it would contact anyone affected. |
| The costs of the cyber-attack are likely building for JLR, as production at its factories in the Midlands and Merseyside are put on hold. Other production facilities around the world have also been affected, fuelling speculation that it could be weeks until systems are operational. | The costs of the cyber-attack are likely building for JLR, as production at its factories in the Midlands and Merseyside are put on hold. Other production facilities around the world have also been affected, fuelling speculation that it could be weeks until systems are operational. |
| The freeze has also affected suppliers and retailers for JLR, with some operating without computer systems and databases normally used for sourcing spare parts for garages or registering vehicles. | The freeze has also affected suppliers and retailers for JLR, with some operating without computer systems and databases normally used for sourcing spare parts for garages or registering vehicles. |
| Last week, the Unite union warned that thousands of workers in the JLR supply chain are at risk of losing their livelihoods, and urged the government to step in with a furlough scheme to support them. | |
| Disruption from the cyber-attack could last until October. Thousands of JLR production workers have been told not to come in to work, and reports suggest that a number of the company’s suppliers have also had to tell their staff to stay at home. | |
| Sign up to Business Today | Sign up to Business Today |
| Get set for the working day – we'll point you to all the business news and analysis you need every morning | Get set for the working day – we'll point you to all the business news and analysis you need every morning |
| after newsletter promotion | after newsletter promotion |
| The shutdown has reportedly led to JLR missing out on production of 1,000 cars a day, losing £72m each day in sales. | |
| A group of hackers, linked to other serious hacks this year on retailers including M&S, have claimed responsibility for the attack on JLR. Screenshots which are allegedly of JLR’s internal IT systems were posted on a Telegram channel that combined the names of groups of hackers known as Scattered Spider, Lapsus$ and ShinyHunters. | A group of hackers, linked to other serious hacks this year on retailers including M&S, have claimed responsibility for the attack on JLR. Screenshots which are allegedly of JLR’s internal IT systems were posted on a Telegram channel that combined the names of groups of hackers known as Scattered Spider, Lapsus$ and ShinyHunters. |
| The disruption at JLR comes as it faces falling profits amid the impact of US tariffs and declining sales. The carmaker reported that underlying pre-tax profits dropped 49% to £351m in the three months to June. That included a period when the company temporarily paused exports to the US. | |
| The company also faced criticism last year over its rebrand of Jaguar, and its new electric cars are not expected to launch until next year. |