News

Jaguar Land Rover cyber attack: government cash on the cards to save supply chain

Labour is considering buying parts from JLR’s supply chain in order to keep both the automotive giant, as well as the smaller firms that depend on it, in business

25 Sep 2025

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 25 Sep 2025

Land Rover Defender 110 County - front corner left

The Government is considering offering financial support to Jaguar Land Rover over fears that many firms in its supply chain could go bust in the light of the recent cyber attack, which will see production delayed until at least October.

Reportedly, ministers are weighing up whether or not to buy components from JLR’s suppliers in order to keep them in business until production resumes. Not doing so could result in a complete disassembly of the firm’s supply chain, thus making it even more difficult to restart production. With JLR losing as much as £500 million per week while its sites are at a standstill, the Government’s intervention would be the first of its kind following a cyber attack.

New ‘baby’ Range Rover electric SUV: design, technology and full details

On Thursday, the parliamentary Business and Trade Select Committee will meet with businesses within the JLR supply chain to discuss the situation. This will then be shared with the Government, helping inform a decision on what the next steps will be.

In the meantime, JLR – which supports around 104,000 people in the UK in its supply chain – has told many of its 33,000 employees to stay at home while it works on a controlled restart of its global operations. Unions claim workers have been told to apply for Universal Credit and are calling on the Government to introduce a form of furlough scheme to help JLR’s workforce, but this has reportedly been dismissed as too expensive for the taxpayer.

JLR cyber attack timeline

On 02 September, JLR confirmed that it was the victim of what it described as a “cyber incident” that occurred on 31 August. In order to mitigate the infiltration, the firm’s IT team immediately shut down its array of online systems, so the various production lines that rely on this type of technology came to a halt.

From the day following the attack, JLR asked its factory employees to remain at home. Since then, production across the firm’s sites in Halewood, Solihull, Wolverhampton and abroad has remained at a standstill while the company works with “third‑party cybersecurity specialists and alongside law enforcement” in order to get things back online safely.

The brand began an in-depth investigation into the incident, with a spokesperson saying on 10 September: “Since we became aware of the cyber incident, we have been working around the clock, alongside third-party cybersecurity specialists, to restart our global applications in a controlled and safe manner.

“As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators. Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted.”

Best SUVs to buy 2025

It has yet to be confirmed what data this is.

Senior manager of security operations at cybersecurity firm Huntress, Dray Agha, said the incident “highlights the critical vulnerability of modern manufacturing, where a single IT system attack can halt a multi-billion-pound physical production line”.

If you’re considering buying one of JLR’s models, our Buy a Car service has plenty of great Land Rover deals available, we also have a wide selection of used Land Rover models.

DVLA help

In the meantime, a deal struck by JLR and the DVLA has enabled dealers to register new cars without the firm’s systems being online, although the supply of new models into showrooms may soon dry up while the factory doors remain closed.

Whether or not JLR pays cash to appease the hackers, this whole incident will inevitably result in huge losses for the British giant, which has already seen a dip in quarterly sales for the first part of 2025 – something that’s been attributed to President Donald Trump’s unprecedented foreign tariffs.

Warning other manufacturers which may become victims of such attacks in the future, Agha said that designing systems to continue core functions even during an attack can help reduce the financial and operational impact.

Furthermore, Agha says, brands “must implement and rigorously test 'segmentation'. [This] means creating digital firewalls between critical production networks and other business IT systems.” Doing so “contains an attack and prevents a single point of failure from bringing the entire operation to a standstill,” she added.

Our dealer network has 1,000s of great value new cars in stock and available now right across the UK. Find your new car…

Cars
Consumer

.imgHideOnJavaScriptDisabled_4059a115mfze7nc0 { display: none !important; }

Tom Jervis

Consumer reporter

Tom is Auto Express' Consumer reporter, meaning he spends his time investigating the stories that matter to all motorists - enthusiasts or otherwise. An ex-BBC journalist and Multimedia Journalism graduate, Tom previously wrote for partner sites Carbuyer and DrivingElectric and you may also spot him throwing away his dignity by filming videos for the Auto Express social media channels.