Jaguar Land Rover's (JLR) UK factories are now expected to remain closed until at least Wednesday after work was disrupted by a cyber attack just over a week ago.
The car plants at Halewood and Solihull and its Wolverhampton engine facility along with production facilities in Slovakia, China and India have been unable to operate since the company fell victim to the cyber attack.
Staff who work on the production lines have been told to remain at home.
JLR shut down its IT systems in response to the attack on 31 August, in order to protect them from damage. However, this caused major disruption.
JLR says it is working around the clock to restart its networks in a controlled and safe manner, and is liaising with third party cyber security specialists and law enforcement.
Last Thursday, JLR instructed staff to stay at home until at least Tuesday as it continued to grapple with the fallout from the cyber attack.
The carmaker, which is owned by India's Tata Motors, has not commented on reports that disruption could continue for several weeks.
Under normal circumstances, the company builds about 1,000 cars a day. The production stoppage has had a significant impact on the company's suppliers, with some understood to have told their own staff not to come into work.
As well as forcing the factories to stop building cars, it has also left dealerships unable to register new cars and left garages that maintain JLR vehicles unable to order the parts they needed – although it is understood workarounds have since been put in place.
The attack began in what is traditionally a popular time for consumers to take delivery of new vehicles. The latest batch of new registration plates became available on Monday, 1 September.
Last week, Shaun Adams, who manages car parts supplier Qualplast, told the BBC that a lengthy shutdown would be "concerning" for the business.
"If this starts progressing over weeks, then we would have to seriously look at what we need to future-proof."
A group of young hackers who have been behind other attacks on UK businesses including M&S earlier this year have also claimed responsibility for the JLR attack.
Within days of the attack, the group of English-speaking hackers bragged about it on messaging app Telegram.
One security expert speculated that screenshots shared by the suggested the criminals gained access to information they should not have.
It is understood the group was trying to extort money from the firm. JLR told the BBC last week it was aware of the claims and was investigating.
Shaun Adams says JLR is a significant client and the shutdown will have a knock-on effect
The company continues the complex work of restoring its systems after the cyber attack at the weekend.
The hack has caused severe disruption at manufacturing plants globally, with some staff told not to come into work.
Gloucester City Council says it found the amount by doing its accounts manually following a cyber attack in 2021.
A report from the makers of Claude said the AI tool had been used to commit cyber-attacks and fraud.
Copyright 2025 BBC. All rights reserved. The BBC is not responsible for the content of external sites. Read about our approach to external linking.
 

source