Jaguar Land Rover Staff Told to Stay Home Following Cyber Attack

Jaguar Land Rover (JLR) has taken drastic measures to contain the fallout from a devastating cyber attack, instructing factory staff to stay at home until at least Tuesday. The company's efforts to restore vital IT systems have been hindered by the attack, which forced the closure of its car factories in Halewood on Merseyside and Solihull in the West Midlands, as well as its engine manufacturing centre in Wolverhampton.

The situation remains under review, with production expected to remain suspended for an extended period. Car sales have also been severely disrupted, although some transactions have managed to take place. The latest batch of new registration plates became available on 1 September, but the disruption has extended beyond JLR's own production lines, with its network of parts suppliers forced to restrict their operations.

Industry Leaders Express Concerns Over Lack of Transparency

Some industry leaders have expressed concerns over the lack of transparency from JLR regarding the cyber attack. James Wallis, owner of Nyewood Express, an independent garage in West Sussex that repairs and services Land Rovers, told the BBC's Today programme that he "can't look up what I need to repair cars".

"Essentially, the parts list is a giant database of items that relates to every single car," he said. "And if I can't find the parts, I can't buy them. I can't fix the car." He added: "If you need parts which come from just one source and you can't find them, you can't order them. The job stops. You cannot repair the car. The car sits idle, and the poor old customer has to wait."

Global Impact

Land Rover dealers and repair specialists across the world are affected by the cyber attack. Alan Howard, a Londoner who runs a Land Rover parts specialist in Tasmania, Australia, said he has "no idea" when the disruption will end.

"Even though I'm an independent here all the way down in Tasmania, I use exactly the same software as a Land Rover dealer in London," he told the BBC's World Business Report. "Monday morning we [came] in and the system is down." He noted that some third-party sellers are available, but many of them only sell older parts.

Hacker Group Claims Responsibility

A hacker group, known as "Scattered Lapsus$ Hunters", has claimed responsibility for the cyber attack. The group, which consists of young English-speaking hackers, allegedly accessed JLR's systems and have posted two images showing internal instructions for troubleshooting a car charging issue and internal computer logs.

A security expert said that the screenshots suggested the group had access to information they should not have. JLR says it is investigating the hack, but there is no evidence at this stage any customer data has been stolen.

Background on Cyber Security Measures

In 2023, as part of an effort to "accelerate digital transformation across its business", JLR signed a five-year, £800m deal with corporate stablemate Tata Consultancy Services to provide cybersecurity and a range of other IT services. The halt in production is a fresh blow to the firm which recently revealed a slump in profits attributed to an increase in costs caused by US tariffs.