## TL;DR
- Jaguar Land Rover (JLR) confirmed a cyberattack in early September 2025, leading to factory disruptions and a data breach.
- The attack impacted production and retail operations, with the Scattered Lapsus$ Hunters group claiming responsibility.
- While JLR initially stated no customer data was stolen, further investigations revealed sensitive information was compromised.
Jaguar Land Rover Confirms Cyberattack and Data Breach
In early September 2025, Jaguar Land Rover (JLR), a leading British luxury vehicle manufacturer, disclosed a significant cyberattack that disrupted its operations and led to a data breach. The attack forced the company to shut down critical systems to mitigate further damage, affecting production and retail activities globally.
### Impact on Operations
The cyberattack caused major disruptions at JLR's Solihull production plant, halting car registrations and parts supply chains. UK dealers reported operational delays, further exacerbating the situation. Initially, JLR stated that no customer data had been compromised, but subsequent investigations revealed otherwise.
"JLR has been impacted by a cyber incident. We took immediate action to mitigate its impact by proactively shutting down our systems. At this stage, there is no evidence any customer data has been stolen, but our retail and production activities have been severely disrupted." — Jaguar Land Rover Official Statement
### Data Breach Confirmed
On September 11, 2025, JLR confirmed that sensitive data had been affected during the cyberattack. While the company did not disclose the specific type of compromised information, it assured regulators and affected parties that it was actively investigating the breach.
"As a result of our ongoing investigation, we now believe that some data has been affected, and we are informing the relevant regulators. Our forensic investigation continues at pace, and we will contact anyone as appropriate if we find that their data has been impacted." — BBC News Report
### Cybercriminal Group Claims Responsibility
The Scattered Lapsus$ Hunters, a group linked to previous high-profile cyberattacks on UK retailers, claimed responsibility for the JLR breach. This group has been associated with disruptive cyber activities, including attacks on Marks & Spencer in April 2025[^1].
### About Jaguar Land Rover
Jaguar Land Rover is a British luxury vehicle manufacturer headquartered in Whitley, Coventry, UK. The company operates two iconic brands: Jaguar and Land Rover. Since 2008, JLR has been owned by Tata Motors (India), which acquired it from Ford. The company sells vehicles in over 120 countries, with major markets in Europe, North America, and China.
## Why This Matters
The JLR cyberattack highlights the growing threat of cybercrime in the automotive industry. As manufacturers increasingly rely on digital systems, the risk of data breaches and operational disruptions rises. This incident serves as a critical reminder for businesses to strengthen cybersecurity measures and prepare for potential threats.
## Conclusion
The Jaguar Land Rover cyberattack underscores the vulnerabilities in modern industrial systems. While the company is working to restore operations and secure its data, the incident raises concerns about cybersecurity resilience in the automotive sector. As investigations continue, stakeholders must remain vigilant against evolving cyber threats.
For updates, follow @securityaffairs on Twitter, Facebook, and Mastodon.
## References
[^1]: Security Affairs. (2025). "Marks & Spencer Confirms Data Breach After April Cyber Attack". Retrieved 2025-09-11.