JLR is still unable to build any cars at any of its global factories three weeks on from a cyber attack that crippled its business – and worries are now growing that those in its supply chain could go bankrupt.
The Jaguar and Land Rover maker was targeted by hackers on 1 September and is still in the process of rebuilding its computer systems. The group that hit Marks & Spencer earlier this year has claimed responsibility. 
This has led to production shutdowns at all of JLR’s global plants, parts ordering issues and retailers being stifled. A timescale for a fix is yet to be announced.
The effect could be costing JLR up to £5 million a day, business economics professor David Bailey told Autocar last week.
Last Wednesday, JLR confirmed data has been “affected” as a result of the cyber attack, which, while not confirmed, is thought to mean customer details were stolen.
JLR told Autocar today (Monday 15 September) that it has no official update to give, but reports over the weekend claimed that some of the firm’s suppliers could go bust as a result of the shutdowns.
Former Aston Martin CEO Andy Palmer told the BBC: “I would not be at all surprised to see bankruptcies.” 
Palmer added that many suppliers will soon begin to slim their staff count as a result of the shutdown, saying: “You hold back in the first week or so of a shutdown; you bear those losses. But then you go into the second week, more information becomes available – then you cut hard. So layoffs are either already happening or are being planned.”
To prevent widespread job losses, the government is facing calls for a furlough scheme to be set up, similar to that used during the Covid pandemic. This would involve the government subsidising workers’ pay packets while they are unable to do their jobs, taking the burden off their employers.
One of those making the call is Commons Business and Trade Committee chairman Liam Byrne.
The Labour MP said: “What began in some online systems is now rippling through the supply chain, threatening a cashflow crunch that could turn a short-term shock into long-term harm. We cannot afford to see a cornerstone of our advanced manufacturing base weakened by events beyond its control.”
The general secretary of trade union Unite, Sharon Graham, has also called for a furlough scheme.
View all car reviews
“Thousands of these workers in JLR’s supply chain now find their jobs are under an immediate threat because of the cyber attack,” she said. “Ministers need to act fast and introduce a furlough scheme to ensure that vital jobs and skills are not lost while JLR and its supply chain get back on track.”
Autocar first reported issues affecting JLR on 1 September, when dealers couldn’t register new cars on ‘new plate day’ , traditionally one of the year’s busiest for registrations.
In an effort to combat the hack, JLR began “shutting down our systems” on 2 September.
It’s still in the process of rebuilding them and is unabel to confirm a timescale for the fix.
The hack has left the Jaguar and Land Rover maker crippled. No cars have been produced globally since, leading to millions of pounds of lost income.
The extent of the issues meant JLR brought in police and cybersecurity experts in to “restart our global applications in a controlled and safe manner”.
During this process, which included an investigation, it was discovered that “some data” was “affected”, said JLR. Those affected will be contacts, said the firm.
It’s not officially known what data was taken or if a ransom demand has been made. 
On 3 September, a group of hackers calling themselves Scattered Lapsus$ Hunters claimed responsibility for the attack on JLR.
This is the same group that hacked Marks & Spencer in May, causing the British retailer seven weeks of disruption and costing £300 million in lost operating profit.
It claimed to have obtained customer data after exploiting a similar flaw in JLR’s IT system. The claim was made on a Telegram messenger group, where a user linked to the hackers posted a screenshot of what appeared to show JLR’s internal system.
A member of the group revealled that a well-known flaw in SAP Netweaver, third-party software used by JLR, was exploited to access the data.
The US’s Cybersecurity and Infrastructure Security Agency warned about the flaw earlier this year. An update for the software was released, but whether JLR applied it is unknown.
It’s also not known what data was taken or if a ransom demand has been made of JLR.
Join our WhatsApp community and be the first to read about the latest news and reviews wowing the car world. Our community is the best, easiest and most direct place to tap into the minds of Autocar, and if you join you’ll also be treated to unique WhatsApp content. You can leave at any time after joining – check our full privacy policy here.
Will is Autocar’s news editor.​ His focus is on setting Autocar’s news agenda, interviewing top executives, reporting from car launches, and unearthing exclusives.
As part of his role, he also manages Autocar Business – the brand’s B2B platform – and Haymarket’s aftermarket publication CAT.
The hackers will remove the hack only after JLR does the following:Improve their poor reliability record. Expect removal in 2075.
Did someone very clever get very annoyed when this Indian company’s car let them down, and the Indian company were not good at placating them?
Just a thought.
View all car reviews

source