Jaguar Land Rover, the UK’s largest car manufacturer, remains paralysed more than a week after suffering a major cyber-attack. The company has halted production at its plants in Halewood, Solihull and Wolverhampton and extended the shutdown to international facilities in Slovakia, Brazil and India. Thousands of workers have been instructed to stay home on full pay and told to “bank” their hours for later recovery as disruption shows no sign of easing before October.
The shock has rippled quickly through JLR’s supplier base. Companies including Evtec, WHS Plastics, SurTec and OPmobility, employing over 6,000 workers between them, have also paused operations. Dealerships are reverting to pen, paper and telephones to process new vehicle registrations and spare-parts logistics, a measure that underscores how deeply JLR’s digital systems have been disabled.
Although no evidence has yet emerged of customer data being accessed, the company has notified the Information Commissioner’s Office as a precaution. The attack has been claimed by a coalition of hacker groups — Scattered Spider, Lapsus$, and ShinyHunters — who posted screenshots on Telegram, suggesting a level of coordination between actors already linked to high-profile breaches at UK retailers.
JLR is working with third-party cybersecurity specialists and law enforcement agencies to restore global systems in what it calls a controlled and safe manner. Experts warn the process will be lengthy. Restarting highly synchronised automotive production lines, where each component must arrive in sequence, is a complex task once digital infrastructure has been disrupted. Andy Palmer, former chief operating officer at Nissan and ex-CEO of Aston Martin, commented that “getting back up and running is really, really hard because you’ve got all of those sequence parts that you need to try to reorder into something that you can put together.”
The disruption lands at a difficult moment. Earlier this year, JLR reported a 49 per cent drop in quarterly underlying pre-tax profit, citing delays in US exports and tariff-driven volatility. Planned launches of new electric Range Rover and Jaguar models have already slipped to 2026, and the current shutdown threatens to erode confidence further.
With more than 30,000 employees in the UK and a far-reaching supply chain, pressure is mounting on government and the National Cyber Security Centre to step in with support. Ministers are monitoring the incident, with industry observers warning of knock-on risks comparable to past industrial shocks.
Jaguar Land Rover now faces a protracted recovery, with manufacturing, retail and supply operations all compromised. The cyber-attack has laid bare how resilience in automotive manufacturing rests as much on secure digital systems as on engineering strength. The coming weeks will decide whether the company can stabilise production and protect its market position.
