Jaguar Land Rover (JLR) has asked thousands of factory workers to remain at home until at least Tuesday, as the company continues to deal with the aftermath of a major cyber attack.
The attack, which happened over the weekend, forced JLR to shut down key IT systems. That decision has rippled across the business, halting production at plants in Halewood, Solihull, and Wolverhampton, while also disrupting car sales.
Right now, no one knows exactly when things will return to normal. The company says it’s reviewing the situation daily, and production could be suspended for longer. While some car sales are still going through, many dealers are struggling to process transactions.
This couldn’t have come at a worse time. September is usually a busy month for car deliveries, thanks to the release of new registration plates. The disruption is also hitting JLR’s suppliers, who rely on access to the company’s systems to keep parts moving. Some garages have warned that customers may face long delays if their vehicles need repairs.
James Wallis, who runs Nyewood Express, an independent Land Rover repair shop in West Sussex, explained the problem:
“The parts list is basically one giant database for every car. If I can’t look it up, I can’t order what I need. That means I can’t fix the car, and the customer is left waiting.”
The impact stretches far beyond the UK. Alan Howard, who runs a Land Rover parts business in Tasmania, Australia, said his systems went down too.
“Even though I’m independent, I use the same software as a dealer in London. Monday morning we came in—and it was gone.”
Some third-party sellers still offer older parts, but for newer vehicles, many repair shops have been left improvising.
Adding to the pressure, a hacker group calling itself Scattered Lapsus\$ Hunters has claimed responsibility. The group, believed to be made up of young English-speaking hackers, previously targeted Marks & Spencer earlier this year. They’ve shared what look like internal JLR documents online, raising concerns about how much access they gained. So far, there’s no evidence that customer data has been stolen.
JLR has been trying to modernize its systems, signing a £800m deal with Tata Consultancy Services in 2023 to strengthen cybersecurity and speed up digital transformation. But the cyber attack comes at a tough time for the company, which is already battling rising costs and a recent drop in profits linked to US tariffs.
For now, production lines remain silent, and workers, suppliers, and customers around the world are left waiting for answers. Photo by Jaguar / Land Rover Factory - Halewood by Anthony Parkes, Wikimedia commons.