JLR Cyberattack Sparks Urgent Call for Resilient Digital Infrastructure

Big British businesses and brands have seen a surge in cyberattacks in recent months, and Jaguar Land Rover (JLR) is the latest notable name to be targeted.

Jaguar and Land Rover, once separate entities, merged in 2013 under the Jaguar Land Rover banner. The move, initially seen as a high-stakes gamble, ultimately paid off—Tata Motors (part of India’s Tata Group, one of its largest and most respected conglomerates) gained a strong foothold in the premium automotive space, transforming JLR into a global luxury car powerhouse.

Fast-forward to August 2025, and the organisation behind the Land Rover Discovery and Jaguar E-Type has been exposed. On August 30, JLR’s global operations were disrupted when its IT systems were infiltrated by a sophisticated cybercrime group known as Scattered Lapsus$ Hunters—a new collective following in the footsteps of Scattered Spider, Lapsus$, and ShinyHunters.

These calculated attacks, executed with precision and timing, appear to target businesses during their most vulnerable moments. In JLR’s case, the breach coincided with the September 1 UK registration plate release, a peak sales period for car manufacturers, suggesting this was no random hit.

What Happened Next?

Following the infiltration, JLR was forced to shut down its entire digital infrastructure—including all critical systems. This wasn’t a precautionary measure; it was a full-scale emergency response. As a result, production ground to a halt across major factories in the UK, Slovakia, India, Brazil, and China.

This disruption has delayed key product launches, including the Range Rover Electric and the Land Rover Defender Octa (2025) - vehicles central to JLR’s future strategy.

Thousands of UK factory workers across Merseyside and the West Midlands were sent home. Under the corridor agreement (a specialised financial contract), employees were told to “bank” their hours, meaning they’d be expected to make up the time later.

As of September 17, 2025, production remains frozen, and recovery is not expected until late October or early November.

Cyber Essentials: Why It Matters More Than Ever

If you’re a business leader or decision-maker reading this, take note: the consequences of neglecting cybersecurity are real, and they’re costly.

Manufacturers depend on uptime and operational continuity: time is money. When cybercriminals orchestrate attacks that bring operations to a standstill, many businesses struggle to recover.

This is why the UK government advocates the Cyber Essentials scheme. It helps organisations protect themselves against common cyber threats by implementing five key controls:

• Firewalls
• Secure configuration
• User access control
• Malware protection
• Patch management

Adopting Cyber Essentials isn’t just about compliance; it’s about building a proactive cybersecurity culture. JLR’s experience proves that even large, well-resourced organisations can be vulnerable without the right digital standards and practices.

Lessons for the Industry

This case study is a wake-up call for UK businesses—especially manufacturers. Here are three critical takeaways:

• Cyber Resilience: Cyber resilience is the ability to prepare for, withstand, and recover from cyberattacks or disruptions. It’s no longer just about prevention - it’s about bouncing back quickly, minimising damage, maintaining customer trust, and keeping operations moving.
• Contingency Planning: With major brands falling victim to cyberattacks monthly, contingency planning is essential. Manufacturers should develop pre-tested disaster recovery plans, manual workarounds, and offline production capabilities to ensure crisis continuity.
• Employee Communication and Support: JLR’s response revealed a gap in employee communication. Workers were sent home with little clarity. A centralised communication hub (via email or SMS) could have delivered regular updates, maintained transparency, and supported staff through uncertainty.

What Comes Next for JLR?

Recovery will take time. Once the dust settles, JLR will likely overhaul its IT infrastructure and adopt modern cybersecurity best practices to prevent future incidents.

For manufacturers, digital transformation isn’t something they can continue to ignore. It strengthens cybersecurity and unlocks cleaner, faster, and more efficient systems that support sustainable growth.

Reinforcing the Cyber Essentials Ethos

JLR’s misfortune underscores a simple truth: cyber resilience is no longer optional—it’s essential. Businesses that fail to adopt best practices like Cyber Essentials risk being left behind and targeted by increasingly sophisticated cybercriminal groups.

If you’re ready to put cybersecurity fears to rest, our Cyber Essentials-accredited experts are here to help—with a CE guarantee the first time around.

📞 Get in touch with our friendly team for tailored cybersecurity solutions and peace of mind.