Jaguar and Land Rover are experiencing a prolonged production standstill, now in its third week, due to a cyberattack that occurred on September 1st. The attack has critically impacted the brand’s operations, leading to shutdowns in production, parts ordering, and retail functions. The financial repercussions are estimated at approximately Rs 60 crore per day. The initial impact was felt by dealerships, which were unable to process vehicle bookings. The company acknowledged the disruption on September 2nd and initiated system shutdowns to contain the issue.
The hacker group, Scattered Lapsus$, has claimed responsibility for the attack, which targeted JLR. This group previously targeted the Marks and Spencer retail chain earlier in the year. JLR has stated that system repairs are underway, but a full recovery timeline remains uncertain. Production is expected to remain halted until at least September 24th. Customer data was also compromised, prompting police involvement and cybersecurity expert assistance in restoring operations. The production shutdown has significantly disrupted JLR’s supply chain, posing a risk of bankruptcy for some suppliers. Aston Martin CEO Andy Palmer has indicated that layoffs are either occurring or being planned as a result. Hackers exploited a vulnerability in the third-party SAP NetWeaver software, which is used for internal operations. The extent of the data breach and whether a ransom was demanded are still unknown.