Tata Motors Braces for a Big Hit as Group Scrambles to Contain JLR Hack

The cyberattack on Jaguar Land Rover (JLR) has left Tata Motors reeling, with the company facing a significant revenue hit due to the disruption in production. The hack, which was carried out by a group of cybercriminals, has disrupted the operations at JLR's factories, dealers, and supply chain partners, causing a significant impact on the company's earnings.

JLR, a subsidiary of Tata Motors, had already faced challenges in the past year due to uncertainty over US tariffs on exports from the UK. The company had lowered its guidance for the financial year 2026 to 5-7% from the earlier predicted 10%. However, the recent cyberattack has added another layer of complexity to the situation.

The cyberattack first came to light on September 1st as JLR's dealers faced challenges in registering new sales in the company's internal system. At its plants in the UK and abroad, the digital systems stopped working. JLR confirmed the cyberattack in a statement on September 2nd: "JLR has been impacted by a cyber incident. We took immediate action to mitigate its impact by proactively shutting down our systems. We are now working at pace to restart our global applications in a controlled manner."

The hack, which was carried out by Scattered Lapsus$ Hunters—a cybercrime group including Scattered Spider and Lapsus$—and ShinyHunters, has disrupted production at JLR's three manufacturing facilities in the UK—and the ones in Pune, India, and Nitra, Slovakia. The company has continued to defer production.

The cyberattack has also caused significant damage to JLR's digital systems, with hackers altering the company's user interfaces, stealing data, and making internal changes. TCS's cyber defence teams had to shut down large parts of JLR's IT infrastructure to prevent the attack from spreading.

Tata Motors is facing a significant impact due to the disruption at its global unit. The company's shares have fallen 3.7% against a 4.2% rise in the Nifty Auto index since the current disruption at JLR started on September 1st. Mumbai-based Tata Motors will see an outsized impact on its books due to the disruption at its global unit, according to Harshvardhan Sharma, group head for auto tech and innovation at Nomura Research Institute.

The financial system used by JLR to process vehicle sales has been brought back online, allowing the company to sell and register vehicles faster and delivering important cash flow. However, the statement did not say anything about production.

JLR's leadership transition phase, with Tata Motors chief financial officer P.B. Balaji soon to take over as the next chief executive from November, is also expected to add another layer of complexity to the situation.

The tariff impact on JLR has been significant, with a rise in tariffs from 2.5% to 27.5%. The company had already predicted that it would end the current financial year with nearly zero free cash flow due to the tariff pressures. However, due to the steps taken by JLR, the impact has gone down to £600 million.

The cyberattack on JLR is expected to cause a revenue loss of up to £2 billion for Tata Motors, as the company does not have insurance against cyberattacks. The hack will also strain the balance sheet of its Indian parent, with JLR contributing 71% of its ₹4.40 trillion revenue and 79% of its ₹55,216 crore operating profit in 2024-25.

In a statement on Thursday night, JLR said: "We have informed colleagues, suppliers and retail partners that sections of our digital estate are now up and running. The foundational work of our recovery programme is firmly underway."

However, the company's recovery program has been impacted by the leadership transition phase, with Tata Motors' chief financial officer P.B. Balaji soon to take over as the next chief executive from November.

The cyberattack on JLR is a wake-up call for the automotive industry, highlighting the importance of cybersecurity in today's digital age. It also underscores the need for companies to have robust insurance coverage against cyberattacks.

In conclusion, the cyberattack on JLR has left Tata Motors reeling, with significant revenue and profit implications. The company is working to contain the hack and restore its operations as quickly as possible. However, the impact of the cyberattack will be felt for some time, and Tata Motors must navigate this complex situation with care.

Industry studies estimate that every hour of downtime in an automotive plant can cost between $1.5-2 million in lost output. The hack on JLR is expected to cause a revenue loss of up to £2 billion for Tata Motors, as the company does not have insurance against cyberattacks.

The tariff impact on JLR has been significant, with a rise in tariffs from 2.5% to 27.5%. The company had already predicted that it would end the current financial year with nearly zero free cash flow due to the tariff pressures. However, due to the steps taken by JLR, the impact has gone down to £600 million.

Tata Motors is facing a significant impact due to the disruption at its global unit. The company's shares have fallen 3.7% against a 4.2% rise in the Nifty Auto index since the current disruption at JLR started on September 1st. Mumbai-based Tata Motors will see an outsized impact on its books due to the disruption at its global unit, according to Harshvardhan Sharma, group head for auto tech and innovation at Nomura Research Institute.

The cyberattack on JLR is a wake-up call for the automotive industry, highlighting the importance of cybersecurity in today's digital age. It also underscores the need for companies to have robust insurance coverage against cyberattacks.