Jaguar Land Rover (JLR) hit by cyberattack
Incident
Summary
Hide ▲
Show ▼
Jaguar Land Rover (JLR) said a September ransomware attack knocked out production for several weeks and caused £196m ($258m) in cyber-related costs, adding to £485m quarterly losses and a 24% YoY revenue drop. The incident was claimed by Scattered Lapsus$ Hunters, and later assessments said it had a £1.9bn UK economic impact and affected more than 5000 UK organizations. JLR has said production of all its luxury brands has resumed, but the event continued to weigh on operations, suppliers, and sales into late 2025.
Related Happenings
UK government cyber resilience funding and pledge
Public Sector Action
First: 22.04.2026 17:10
Last: 22.04.2026 17:10
Sources 1
About this happening:
**UK government** announced **£90m ($120m)** in cybersecurity funding and a new **Cyber Resilience Pledge**, aiming to strengthen **national cyber resilience**. The initiative was...
UK government cyber resilience funding and pledge
Public Sector ActionAbout this happening: **UK government** announced **£90m ($120m)** in cybersecurity funding and a new **Cyber Resilience Pledge**, aiming to strengthen **national cyber resilience**. The initiative was...
2025 Automotive carmakers ransomware surge
Target Trend
First: 16.04.2026 11:35
Last: 16.04.2026 11:35
Sources 1
About this happening:
In **2025**, ransomware became the **fastest-growing** and most disruptive threat to **automotive carmakers**, accounting for **44% of attacks** and **more than doubling** over th...
2025 Automotive carmakers ransomware surge
Target TrendAbout this happening: In **2025**, ransomware became the **fastest-growing** and most disruptive threat to **automotive carmakers**, accounting for **44% of attacks** and **more than doubling** over th...
Rising cyber-incident impact across UK manufacturers
Target Trend
First: 01.04.2026 12:30
Last: 01.04.2026 12:30
Sources 1
About this happening:
A survey found **UK manufacturing organizations** are facing broad cyber-incident harm, with **78%** reporting a serious incident and **95%** seeing direct business impact. The pa...
Rising cyber-incident impact across UK manufacturers
Target TrendAbout this happening: A survey found **UK manufacturing organizations** are facing broad cyber-incident harm, with **78%** reporting a serious incident and **95%** seeing direct business impact. The pa...
2025 Decline in physically impactful OT attacks
Target Trend
First: 26.03.2026 22:33
Last: 26.03.2026 22:33
Sources 1
About this happening:
**Physically impactful OT attacks** fell to **57 in 2025**, reversing a **year-over-year decline** that matters for critical infrastructure defenders. The total was down from **76...
2025 Decline in physically impactful OT attacks
Target TrendAbout this happening: **Physically impactful OT attacks** fell to **57 in 2025**, reversing a **year-over-year decline** that matters for critical infrastructure defenders. The total was down from **76...
Ransomware victim payment rates fall to record low as claimed attacks rise
Target Trend
First: 26.02.2026 16:00
Last: 26.02.2026 16:00
Sources 1
About this happening:
Ransomware victim payment rates fell to **28%** last year, a record low, even as claimed attacks rose **50% year over year**, signaling a widening gap between attack volume and re...
Ransomware victim payment rates fall to record low as claimed attacks rise
Target TrendAbout this happening: Ransomware victim payment rates fell to **28%** last year, a record low, even as claimed attacks rose **50% year over year**, signaling a widening gap between attack volume and re...
Timeline
-
05.01.2026 02:00 7 articles · 4mo ago
Jaguar Land Rover reports sales slump after cyber-attack
Victim Impact UpdateJaguar Land Rover (JLR) remained in the aftermath of a major cyber-attack that disrupted operations from September to November 2025, with Tata Motors saying the incident significantly disrupted operations and forced production halts across all factories in September. The same financial disclosure said JLR's third-quarter 2025 retail sales fell 25.1% year on year to 79,600 vehicles, wholesale volumes dropped 43% year on year to 59,200 units, and output returned to normal by mid-November while global distribution delays continued to weigh on sales. The Cyber Monitoring Centre later characterized the cyber-attack as a systemic cyber event and estimated a UK financial impact of £1.9bn ($2.55bn) affecting over 5000 UK organizations.
Show sources
- Jaguar Land Rover's Q3 Sales Crash Amid Cyber-Attack Fallout — www.infosecurity-magazine.com — 06.01.2026 13:15
- Jaguar Land Rover's Q3 Sales Crash Amid Cyber-Attack Fallout — www.infosecurity-magazine.com — 06.01.2026 13:15
- Jaguar Land Rover wholesale volumes down 43% after cyberattack — www.bleepingcomputer.com — 06.01.2026 20:27
- Jaguar Land Rover extends shutdown after cyberattack by another week — www.bleepingcomputer.com — 16.09.2025 16:08
- Cyber-Attack Contributes to Huge Sales Drop at JLR — www.infosecurity-magazine.com — 08.10.2025 13:15
- JLR Hack UK's Costliest Ever, Hitting Economy with £1.9bn Loss — www.infosecurity-magazine.com — 22.10.2025 14:46
- Cyber-Attack Costs Carmaker JLR $258m in Q2 — www.infosecurity-magazine.com — 17.11.2025 11:30
-
29.09.2025 13:57 1 articles · 8mo ago
UK government backs JLR with £1.5 billion loan guarantee
Legal Policy Action UpdateThe UK government announced a £1.5 billion ($2 billion) loan guarantee for Jaguar Land Rover (JLR) to support the carmaker and its supply chain after the recent cyberattack shut down production lines and severely disrupted internal systems. The backing uses an Export Development Guarantee from UK Export Finance and is meant to bolster JLR’s cash reserves so it can keep supporting suppliers affected by the shutdown.
Show sources
- Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention — www.securityweek.com — 29.09.2025 13:57
-
03.09.2025 13:06 1 articles · 8mo ago
Jaguar Land Rover confirms cyber incident after systems shutdown
Initial DisclosureJaguar Land Rover said a cyber incident forced it to disconnect systems, severely disrupting retail and manufacturing operations across its global applications. JLR said it was working to restart systems in a controlled manner and had seen no evidence that customer data was stolen, while UK manufacturing plants and dealer operations were impacted over the weekend.
Show sources
- Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack — www.securityweek.com — 03.09.2025 13:06