JLR faced yet another hurdle
British luxury auto magnate Jaguar Land Rover is facing yet another speed bump, as it announced in a statement on September 2 that it had been hit by what it calls a “cyber incident.” In a statement posted prominently on its website, the firm noted that it “took immediate action to mitigate its impact by proactively shutting down our systems” and that it is working to restart its systems after a threat had impacted both its retail and vehicle production operations.
“We are now working at pace to restart our global applications in a controlled manner,” Jaguar Land Rover said in its statement. “At this stage, there is no evidence that any customer data has been stolen, but our retail and production activities have been severely disrupted.”
Jaguar Land Rover
The breach sent JLR factory workers home, says the BBC
According to a report from the BBC, the “cyber incident” interrupted production at Jaguar Land Rover’s main manufacturing facilities in Great Britain. According to the Liverpool Echo, workers at the company’s Halewood plant, near the coastal city, where it builds the Range Rover Evoque and Discovery Sport, were notified by email to stay home from work on September 2 and that they will be required to return to work on Wednesday, “unless otherwise informed.”
In addition, the attack is said to have also affected production at the firm’s other main UK manufacturing facility in Solihull outside of Birmingham, where it builds the Range Rover and Range Rover Sport, as workers there were also given similar instructions to stay home from work.
According to a report from Autocar, the first signs of the “cyber incident” were on September 1, when a JLR dealer confirmed the existence of the issue, noting that the branch had registered no new cars on “new plate” day, traditionally one of the year’s busiest days. JLR’s parent company, Tata, first reported the issues to the Indian stock exchange on Monday evening, which referred to the issue as an “IT security incident” without further details.
JLR’s cyber issue comes amid a sales dip and shrinking profits
Jaguar Land Rover’s ‘cyber incident’ comes on the heels of a major blow inflicted by steep levies faced before the United Kingdom and the Trump administration worked out a trade deal that significantly reduced tariffs on car exports. During Q2 2025, the issues surrounding tariffs and currency headwinds contributed to an eye-watering 49% dip in underlying pre-tax profits to £351 million (~$470 million), while revenues dropped by £700 million (~$937 million), or 9.2% year-over-year to £6.6 billion (~$8.83 billion).
In a statement, Jaguar Land Rover welcomed the cut of UK to US car export tariffs from 27.5% to 10%, noting that the tariffs had a “direct and material impact on profitability and cashflow in the period” but adding that the “US-UK trade deal will significantly reduce the financial impact of US tariffs going forward”.
“We are grateful to the UK and US governments for delivering at speed the new UK-US trade deal, which will lessen the significant US tariff impact in subsequent quarters, as will, in due course, the EU-US trade deal announced on 27 July 2025,” former JLR CEO Adrian Mardell said in a statement at the time.
Final thoughts
It is important to note that JLR’s “cyber issue” comes amid a surge in global cyber breaches and ransomware attacks, which could significantly damage the affected companies’ bottom lines and reputations. Notably, the situation at JLR comes on the heels of a cyberattack that affected the famed British retail institution Marks & Spencer. Last month, it reopened its click-and-collect online ordering portal after nearly four months of suffering from a cyberattack that resulted in data theft.
According to IBM’s Cost of a Data Breach Report 2025, companies lose an average of $4.4 million as a result of a data breach, a 9% year-over-year decrease that it says has been driven by faster identification and containment. Jaguar Land Rover, like many large companies, has hired cybersecurity service providers. In 2023, Jaguar Land Rover entered into a 5-year deal worth £800 million ($1.07 billion) with Tata Consultancy Services for these services.
Dahvid Schloss, the CEO and co-founder of cybersecurity firm Emulated Criminals, told Autoblog that while this situation may not sound significant to a company like JLR, which has revenues in the hundreds of millions, it can still suffer a relatively decent hit to its bottom line due to some customers shying away out of fear. This loss could result in costs that are ultimately passed on to the consumer.
“Only about 45% of [companies] raise their prices post breach, which is a little bit down from last year, which was 63%, but when they do hike those costs up, it’s usually 15% or more,” Schloss said. In addition, he mentioned that if the unmentioned “cyber incident” that JLR reported was an “extortion event” like a ransomware attack, the cost of settling it could make vehicle prices go up.
