Manage your account
…
Data has been stolen as a result of the cyber attack on JLR last week, the company has confirmed.
The 1 September hack has left the Jaguar and Land Rover maker crippled. No cars have been produced globally since, leading to what is expected to be millions of pounds of lost income.
A timescale for a fix is yet to be announced.
The extent of the issues meant JLR brought in police and cybersecurity experts over the weekend to “restart our global applications in a controlled and safe manner”.
During this process, which included an investigation, it was discovered that "some data" was taken, said JLR.
JLR said today (10 September) that those affected will be contacted, suggesting that this data relates to customers.
A JLR spokesperson told Autocar: “As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators.
“Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted.
“We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.”
JLR has been rebuilding its internal IT systems since it shut them down following the cyber attack.
Alongside production issues, dealer sales, handovers and parts ordering are also affected.
JLR told Autocar on Saturday that “our retail partners remain open”. Autocar understands dealers are manually registering cars while computer systems remain down.
Meanwhile, the majority of workers at JLR’s production sites in the West Midlands and Merseyside have been told not to return to work again today. They are being updated daily and still being paid, with lost hours being "banked".
Production is also understood to have stopped at JLR's factories in Slovakia and India.
While JLR's public-facing website appears to be fully operational, the car configurator isn't accepting build orders, instead directing buyers to purchase from stock.
Autocar first reported issues affecting JLR on 1 September, when dealers couldn't register new cars on 'new plate day' , traditionally one of the year's busiest for registrations.
In an effort to combat the hack, JLR began “shutting down our systems” on 2 September.
It's still in the process of rebuilding them and is unabel to confirm a timescale for the fix.
Who has claimed responsibility?
On 3 September, Scattered Spider – the group that hacked retailer Marks & Spencer in May, causing seven weeks of disruption and costing £300 million in lost operating profit – claimed responsibility for the attack on JLR.
Along with fellow hacking group Shiny Hunters, it claimed to have obtained customer data after exploiting a similar flaw in JLR’s IT system, The Telegraph reported.
The claim was made on a Telegram messenger group, where a user linked to the hackers posted a screenshot of what appeared to show JLR's internal system.
A member of the group told The Telegraph that a well-known flaw in SAP Netweaver – third-party software used by JLR – was exploited to access the data.
US cyber agency CISA warned about the flaw earlier this year. An update for the software was released, but whether JLR applied it is unknown.
It's also not known what data was taken or if a ransom demand has been made.
JLR told Autocar in a statement on 3 September that “there is no evidence any customer data has been stolen”.
According to The Telegraph, the hacking groups are believed to be made up of teenagers from English-speaking countries.
]]>
Car accessories
Help
About us
About our ads
Licensing
Sitemap
Follow us on
© 2025 Yahoo. All rights reserved.
