Jaguar Land Rover Cyberattack Causes Major Business Disruption

Severity: High (Score: 69.5)

Sources: Munichre, Thelens.Slaughterandmay

Summary

In late 2025, Jaguar Land Rover (JLR) experienced a significant cyberattack that halted production for nearly six weeks, impacting over 5,000 suppliers and dealerships. This incident is estimated to have caused total damages of approximately £1.9 billion, making it one of the most economically devastating cyber incidents in the UK. The British government intervened with a loan guarantee of £1.5 billion to support the affected ecosystem. The attack likely involved compromised login credentials, highlighting the need for better IT and operational technology (OT) network segmentation. As a result, many organizations are now focusing on enhancing their operational risk management strategies to mitigate the impact of such interruptions. The incident underscores the importance of rapid response capabilities and effective business continuity plans. Companies are advised to implement multi-factor authentication and monitor for unusual user behavior to prevent similar attacks in the future. Key Points: • Jaguar Land Rover faced a cyberattack causing a six-week production halt. • The incident resulted in estimated damages of £1.9 billion and affected over 5,000 suppliers. • The British government provided a £1.5 billion loan guarantee to support the impacted ecosystem.

Key Entities

• Ransomware (attack_type)
• Jaguar Land Rover (company)
• Marks & Spencer (company)
• T1078 - Valid Accounts (mitre_attack)