London, UK — Jaguar Land Rover (JLR), the UK’s largest car manufacturer, has temporarily shut down several operations after a significant cyberattack disrupted its digital infrastructure earlier this week, the company confirmed Tuesday.
The breach, which reportedly targeted the automaker’s IT systems over the weekend, has affected both production and internal communications, forcing a partial halt in vehicle manufacturing across several key facilities, including its Solihull and Halewood plants. While JLR has not publicly disclosed the specific nature of the attack, cybersecurity experts familiar with the incident suggest it may involve ransomware.
Production Delays and Disrupted Supply Chain
Workers at affected sites were instructed to stand down from regular duties, with some shifts canceled entirely. Suppliers also report delays in order processing and logistics, further complicating JLR’s already strained post-Brexit supply chain and recovery from previous global chip shortages.
In a statement issued late Monday, the company said:
“Jaguar Land Rover is currently responding to an IT security incident. We are working with third-party specialists to investigate the source and impact of this disruption and to restore our systems as quickly and safely as possible. Production has been temporarily paused at a number of sites as a precautionary measure.”
The statement added that customer-facing services, such as vehicle sales and service appointments, remain unaffected, though dealers have noted minor delays in accessing vehicle order systems.
No Evidence of Customer Data Breach
At present, JLR has not reported any evidence that customer data has been compromised. However, the UK’s Information Commissioner’s Office (ICO) has been notified, and an investigation is ongoing.
Cybersecurity analysts from the UK’s National Cyber Security Centre (NCSC) are assisting with the response, but no group has yet claimed responsibility. The incident comes amid a broader surge in cyberattacks targeting global automotive and manufacturing sectors, with companies like Toyota, Renault, and VW also suffering recent breaches.
Industry-Wide Vulnerabilities
“Automakers are increasingly dependent on complex software ecosystems,” said Dr. Rina Malhotra, a cybersecurity researcher at the University of Warwick. “As connected vehicles and smart manufacturing systems grow, so do the attack surfaces. JLR’s situation underscores the critical need for resilient cybersecurity in industrial settings.”
What’s Next?
JLR has not provided a timeline for when full operations will resume, though sources within the company say contingency plans are underway, including potential manual workarounds to resume limited production if necessary.
The incident poses a significant challenge for JLR, which is in the midst of its “Reimagine” transformation plan — a strategy to electrify its lineup and reposition the company as a leader in sustainable luxury mobility.
Further updates are expected later this week as the company assesses the full extent of the disruption.
Disclaimer:
This report is intended purely for informational and journalistic purposes. It is not intended to harm or misrepresent any individual, brand, or organization mentioned. The facts presented are based on publicly available sources and statements at the time of publication.