Jaguar Land Rover (JLR) is facing tremendous existential issues as well. These headaches came in the wake of a cyber attack by a group of hackers known as the “Scattered Lapsus$ Hunters. The attack has led to a shutdown of critical city IT networks. This produced a cascading effect, where production at other plants has stopped, hurting overall car production and sales. This hack comes on the heels of a major recent profit plunge for JLR. This downward trend has been aggravated by increased expenses due to US tariffs.
The cyberattack prompted JLR to take its systems offline starting on Sunday, November 26 to prevent further damage. Production of internal combustion engine cars has now stopped at the firm’s factories in Halewood and Solihull. Impacting West Midlands engine manufacturing centre, Wolverhampton. This latest disruption lands a new economic blow to JLR. The company has been facing ongoing financial challenges and increasing costs of operation.
The same hackers who breached JLR’s systems released evidence of their breach in mid-September. They released photos that they claim represent internal guidance for diagnosing problems with car charging and internal computer logs. It’s still unclear if they were able to steal any private data or install malicious software in JLR’s network.
This incident isn’t the first time for JLR’s cybersecurity vulnerabilities to be exposed. Earlier this year, a Russian hacker group called Clop launched a highly destructive ransomware attack against British retail institution Marks and Spencer. They further claimed to have penetrated JLR’s systems. In 2023, JLR scrambled to alleviate these pressures by entering a five-year, £800 million agreement with Tata Consultancy Services. This collaborative effort will strengthen fiscal and operational cybersecurity and IT service delivery.
Despite these best practices, the latest cyber incident has resulted in questions about whether JLR’s cyber defenses were sufficient. The company is now doing a lot to accelerate its digital transformation projects. This combined effort will significantly strengthen its overall cybersecurity defenses, both within its operations and beyond.
The timing of the attack is particularly egregious. The recent new issue series only went into effect on September 1. This time is typically marked by a boom in vehicle sales. As a result, the production stop represents a major blow to JLR’s potential to rebound financially.