Jaguar Land Rover has warned that production shutdown will continue until at least September 24 as it continues to investigate and resolve the impact of the cyber attack.
Owned by India’s Tata group, JLR is the U.K.’s largest vehicle manufacturer, with a daily production of about 1,000 units from its three plants in Solihull, West Midlands, Halewood, Merseyside, and Castle Bromwich, Birmingham. It employs roughly 33,000 people and reported an annual revenue of about £29.0 billion in 2025.
JLR said it would continue to suspend global production to enable its forensic investigation into the cyber attack to conclude smoothly.
Jaguar Land Rover cyber attack set to prolong production shutdown
On September 2, 2025, JLR said it proactively shut down its systems after being “impacted by a cyber incident,” which disrupted production, sales, and parts distribution.
The automaker said it was working to restore impacted systems in a controlled manner to restart its global operations.
However, recovery efforts seem to have hit a major snag, with JLR saying that the production shutdown could last until at least September 24. However, some industry experts suggest that disruptions could last until October or even November.
Jaguar Land Rover cyber attack threatens livelihoods
JLR’s production shutdown has severely affected suppliers, retailers, and auto repair shops, which are forced to work without the computer information systems they usually rely on for sourcing auto parts and registering vehicles. The automaker’s supply chain supports over 104,000 jobs, which are now at risk due to the production shutdown.
Some JLR employees were forced to take compulsory leave with reduced or no pay due to the production shutdown, raising concerns from workers’ unions. Some suppliers have also begun sending their staff on leave or instructing them to work from home, as JLR’s production shutdown continues.
Subsequently, workers’ union Unite has called on the U.K. government to institute a furlough scheme like the Scottish government to support impacted employees. Unite’s general secretary Sharon Graham stated that the government had the responsibility to protect jobs in critical industries.
“Workers in the JLR supply chain must not be made to pay the price for the cyber attack,” she stated.
The production shutdown will also hit JLR’s bottom line hard, with the company failing to produce 1,000 vehicles a day, translating to a £72 million loss in daily revenue. JLR’s suppliers, comprising small and medium-sized businesses, also face an existential threat due to the loss of business due to the cyber attack.
Jaguar Land Rover cyber attack leaked data
Initially, the auto giant suggested that the cyber attack did not leak customer data despite causing a production shutdown.
“At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted,” it stated.
However, JLR has found evidence that the threat actor accessed “some data,” but declined to say whether the data breach affected customers or suppliers. The company also declined to disclose the nature of the potentially exposed information.
Although the nature of the cyber attack remains undisclosed, it bears the hallmarks of a ransomware incident, which often involves data exfiltration for double extortion.
Meanwhile, the Lapsus$ Shiny Hunters collective has claimed responsibility for the Jaguar Land Rover cyber attack and claimed to have stolen technical information.
