Jaguar Land Rover (JLR) has been forced to suspend production at some of its most important manufacturing sites after a major cyberattack hit the luxury carmaker’s global operations. The incident has left thousands of UK workers facing uncertainty, with the company instructing many factory staff to remain at home until at least next Tuesday.
The company’s Halewood plant in Merseyside, the Solihull factory in the West Midlands, and the Wolverhampton engine plant are among the facilities where production lines have ground to a halt. Employees have been advised not to return to work before September 9, as managers continue to assess the extent of the damage.
JLR, which is owned by India’s Tata Motors, confirmed earlier this week that the attack had “severely disrupted” production and sales systems. The company shut down key IT infrastructure on Sunday after identifying the breach, but the disruption has rippled through its operations. Dealerships and garages are reportedly unable to order replacement parts, while some new vehicle handovers have been delayed.
The timing of the attack is particularly damaging. September is traditionally one of the most important months for car manufacturers, with the launch of new registration plates driving consumer demand. Any interruption in sales or repairs during this crucial period risks denting both revenue and confidence.
Adding to the challenge, the car industry is already facing headwinds. With JLR workers facing voluntary redundancies, weaker consumer sentiment, higher borrowing costs, and US tariffs have all created a tough environment for manufacturers. For JLR, this latest cyber incident represents another significant setback at a sensitive time.
This is not the first time UK companies have been targeted. Earlier this year, Marks and Spencer, the Co-op and Harrods suffered cyber incidents linked to hackers Scattered Spider. Those attacks forced M&S to suspend online sales for several weeks, with losses estimated at around £300 million. Police investigations led to the arrest of four young suspects, who were later bailed.
For JLR, reassurance remains a priority. The company has emphasised there is currently “no evidence” that customer data has been stolen. In a statement, the carmaker said it was “working at pace” to restore normal operations across production and retail sites.
For workers, the immediate concern is when they will be able to return to the production line. Until systems are fully operational, staff have been asked to stay home, leaving uncertainty over pay and scheduling in the days ahead. The company has promised to update employees regularly as progress is made.
The episode highlights the growing threat of cyber attacks to major UK businesses, particularly in sectors reliant on complex supply chains and global IT systems. While JLR seeks to get its factories moving again, the incident underlines just how disruptive such breaches can be for both businesses and the people they employ.
