Jaguar Land Rover Staff to Stay at Home After Cyber Attack
Jaguar Land Rover (JLR) has instructed factory staff to stay at home until at least Tuesday as the company continues to grapple with the fallout from a cyber attack that hit its vital IT systems over the weekend. The attack forced JLR to take critical systems offline, which has affected car sales and production, leaving production lines in Halewood on Merseyside, Solihull in the West Midlands, and Wolverhampton's engine manufacturing centre all halted.
The situation remains under review, with output remaining suspended for an uncertain period. Car sales have also been heavily disrupted, although some transactions have been able to take place. The BBC understands that JLR has taken steps to limit potential damage from the cyber attack by shutting down its systems on Sunday. However, restoring them in a controlled manner is proving to be a highly complex process.
The attack occurred at what is traditionally a popular time for consumers to take delivery of a new vehicle, with the latest batch of new registration plates becoming available on September 1st. The disruption extends beyond JLR's own production lines, affecting its network of parts suppliers who have also been forced to restrict their operations.
Some repair garages have warned that existing Jaguar or Land Rover owners may face delays if their cars need new parts. James Wallis, an independent garage in West Sussex that repairs and services Land Rovers, expressed his concerns about the lack of transparency from JLR. "I can't look up what I need to repair cars," he said. "Essentially the parts list is a giant database of items that relates to every single car... If I can't find the parts, I can't buy them. I can't fix the car." He added that if a part comes from just one source and cannot be found, the job stops, and the car sits idle, leaving the poor old customer to wait.
Land Rover dealers and repair specialists across the world are affected by the disruption. Alan Howard, a Londoner who runs a Land Rover parts specialist in Tasmania, Australia, said he has "no idea" when the disruption will end. "Even though I'm an independent here all the way down in Tasmania, I use exactly the same software as a Land Rover dealer in London," he told the BBC's World Business Report. "Monday morning we [came] in and the system is down." Mr Howard noted that some third-party sellers exist, but many of them only sell older parts, leaving him to use his ingenuity.
A hacker group claiming responsibility for the cyber attack has revealed details about their infiltration of JLR's systems. The group, known as "Scattered Lapsus$ Hunters," a group of young English-speaking hackers thought to be teens, posted two images showing apparent internal instructions for troubleshooting a car charging issue and internal computer logs. A security expert said those screenshots suggested the group had access to information they should not have.
JLR is investigating the hack, but there is currently no evidence that any customer data has been stolen. The company signed a five-year, £800m deal with Tata Consultancy Services in 2023 as part of its effort to "accelerate digital transformation across its business." This latest cyber attack serves as a fresh blow to JLR, which recently revealed a slump in profits attributed to an increase in costs caused by US tariffs.
Have You Been Affecting by Issues Covered in This Story?
Share your experiences with the disruption caused by the Jaguar Land Rover cyber attack. Has it affected you or someone you know? We want to hear from you!