Cyberattack hits Jaguar Land Rover as IT-security claims come under scrutiny
Britain’s largest carmaker shuts three plants after a late-August cyberattack, forcing thousands of job and supplier disruptions amid questions about IT resilience and outsourcing.
A cyberattack has crippled Jaguar Land Rover, Britain’s largest carmaker by production, forcing the temporary shutdown of three plants in Solihull, Wolverhampton and Halewood at the end of August. The disruption is expected to last at least until midweek, with industry officials warning the outage could extend deeper into the supply chain and affect thousands of suppliers. The three sites together produce about 1,000 cars a day and employ roughly 30,000 people directly, with about 200,000 more in the just-in-time network dependent on the plants.
Ministers scrambled to assemble a rescue response as Jaguar Land Rover works with cybersecurity specialists, the National Cyber Security Centre and law enforcement on the investigation. In its latest accounts, signed in May, the Indian-owned company said its information security was on a 'positive trajectory' and that IT operations were being transformed to systematically reduce risks while boosting cyber readiness and resilience. The disclosure comes as the company fights a disruption that has halted production and raised questions about its cyber-defence posture and reliance on external IT support.
Jaguar Land Rover’s IT is managed under an £800 million, five-year outsourcing deal with Tata Consultancy Services, a Tata Group unit that also supplied IT services to Marks & Spencer and the Co-op after they suffered cyberattacks this year. The company remains financially robust by many metrics: it reported a pre-tax profit of about £2.5 billion last year and, at the end of June, had liquidity of around £5 billion, consisting of £3.3 billion in cash and a £1.7 billion loan facility. Analysts caution that the cyberbreach has pushed cash burn higher, with some estimates approaching £1 billion a month, though the firm has continued to pay suppliers to keep lines moving. Without Tata’s support, some observers say JLR could have only a three- to four-month runway if disruption persists.
David Bailey, professor of business economics at Birmingham Business School, described the crisis as JLR’s biggest in its history and urged a deep-dive root-cause analysis to understand how the breach occurred and how to prevent a repeat. Tata Consultancy Services told MPs that it was premature to provide a definitive assessment of the financial impact but emphasized the group was in a good position to secure additional borrowing if needed.
Some systems began to come back online last week, and Jaguar Land Rover said it was increasing its capacity to process invoices and working to clear a backlog of payments to suppliers. A JLR spokesperson said the recovery program’s foundational work was under way and that the company was coordinating with cybersecurity specialists, the National Cyber Security Centre and law enforcement to investigate the incident.
This episode highlights the ongoing cybersecurity challenges facing automotive manufacturers and their sprawling supply chains. Industry and government officials have stressed the need for stronger cyber safeguards, resilience planning, and closer oversight of critical IT networks as vehicles and production ecosystems become increasingly digital and interconnected. The investigation into the breach is ongoing, with authorities and the company continuing to map out the incident’s scope and the steps needed to restore normal operations.
