**Jaguar Land Rover Extends Cyber Attack-Induced Shutdown to October**

The assembly lines at Jaguar Land Rover will remain silent until 1 October 2025, following the company's announcement that it is extending its production halt due to the ongoing cyber attack that has crippled operations. The UK-based car manufacturer, which produces over 300,000 vehicles in 2024 and employs more than 30,000 people, said the decision will allow it to plan a phased restart to operations while continuing investigations into the hack.

"Our teams continue to work around the clock, alongside cyber security specialists, the NCSC [National Cyber Security Centre] and law enforcement to ensure we restart in a safe and secure manner," said JLR. The company's efforts are being supported by the government, which has announced plans to visit Jaguar Land Rover today (Tuesday 23 September) for the first time since the cyber attack. Business Secretary Peter Kyle and Industry Minister Chris McDonald will meet with the company and firms in its supply chain to discuss ways to mitigate the impact of the disruption.

The government's priorities are clear: helping Jaguar Land Rover get back up and running as soon as possible, while also ensuring the long-term health of the supply chain. "We have two priorities: helping Jaguar Land Rover get back up and running as soon as possible, and the long-term health of the supply chain," said McDonald. "We are acutely aware of the difficulties the stoppage is causing for those suppliers and their staff, many of whom are already taking a financial hit through no fault of their own – and we will do everything we can to reassure them that the government is on their side."

The cyber attack has had far-reaching consequences for Jaguar Land Rover's supply chain. Some workers have been laid off with "reduced or zero pay," while others have been told to apply for Universal Credit. The union Unite is calling for a furlough scheme for workers at JLR suppliers, which employ 104,000 workers. The union's general secretary Sharon Graham said: "Workers in the JLR supply chain must not be made to pay the price for the cyber attack. It is the government's responsibility to protect jobs and industries that are a vital part of the economy."

The impact of the cyber attack has also been felt by the wider automotive industry. The Society of Motor Manufacturers and Traders (SMMT) Automotive Components Section met with the Department for Business and Trade (DBT) on 19 September to discuss the ongoing disruption to the car maker's supply chain.

**A Call for Caution**

Experts are warning that the cyber attack highlights the importance of business continuity and cyber defence. "Cyber attacks targeting and disrupting large manufacturers' production infrastructure demonstrate just how intertwined cyber security and business resilience need to be," said James McQuiggan, CISO advisor at managed security platform supplier KnowBe4.

"The impact cascades through employees, suppliers and customers, showing that business continuity and cyber defence should be indivisible. Beyond immediate disruption, data theft during such incidents increases the long-term risks, from reputational damage to regulatory consequences," added McQuiggan.

**The Makers of the Hack**

While it is still not clear who is behind the attack, a group of young Anglophone hackers known as Scattered Lapsus$ Hunters claimed responsibility for the hack early on. The group boasted about the hack on Telegram, sharing screenshots seemingly taken from inside Jaguar Land Rover's IT networks.

However, experts are cautioning against taking anything from the Telegram channel at face value. "We have one law enforcement source who has advised caution against taking anything from the [Telegram] channel at face value," said a Guardian source.

In related news, two teen hackers were charged with a Las Vegas casino cyber heist, while another group was responsible for a wave of cyber attacks on UK retailers, including Marks and Spencer. The newly named group seems to consist of hackers who have been part of the groups Shiny Hunters, Lapsus$ and Scattered Spider.

**A Path Forward**

Jaguar Land Rover is not discussing details of the hack, but experts say that a phased restart of operations will be key to mitigating the impact of the cyber attack. By working closely with cyber security specialists and law enforcement, JLR can ensure a safe and secure return to production.