Skip to main content
close search
site logo

Jaguar Land Rover begins phased restoration of services following cyberattack

The luxury automaker is working diligently to clear payment backlogs and resume the shipment of parts.

Published Sept. 26, 2025
David Jones's headshot
Reporter
Doors are fitted and checked during production at the Jaguar Land Rover factory on March 1, 2017 in Solihull, England. Jaguar Land Rover is relaunching certain operations following a September 2025 cyberattack.
Doors are fitted and checked during production at the Jaguar Land Rover factory on March 1, 2017, in Solihull, England. Jaguar Land Rover is relaunching certain operations following a September 2025 cyberattack. Leon Neal via Getty Images

Jaguar Land Rover said it has restored a portion of its digital operations as part of a controlled restart, weeks after a major cyberattack. 

The automaker has been forced to pause production since it disclosed the incident on Sept. 2, resulting in a massive supply chain disruption and forcing thousands of workers to remain home. 

“The foundational work of our recovery program is underway,” the company said in a Thursday update on its website

The company’s Global Parts Logistics Centre, which provides parts to retailers in the U.K. and elsewhere, is being restored to normal operations, according to the update. 

JLR is working to clear a huge backlog of payments to its suppliers and has increased the IT capacity for processing invoices. 

The company has also restored the financial system used to process wholesale vehicle sales, allowing for faster sales and registration. 

The automaker, a subsidiary of Tata, said it is working around the clock with law enforcement, forensic experts and officials at the National Cyber Security Centre to help relaunch operations in a safe and secure manner. 

The company this week warned the restart of production would be delayed until Oct. 1. 

Earlier this month, JLR confirmed it was investigating a claim that a threat group stole a cache of data during the attack. The hackers behind the claim are linked to the notorious cybercrime group Scattered Spider. 

After initially denying knowledge of a data breach, the company later confirmed that customer data had been stolen in the attack.

Filed Under: Breaches, Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
CyberFOX and MSP Process Announce Strategic Partnership to Deliver End-User and Technician Ver…
From CyberFOX
September 24, 2025
CyberFOX logo
Operant Networks Launches Data Privacy for AI Agents, Announced at The AI Conference in San Fr…
From Operant Networks
September 16, 2025
Operant Networks logo
ThreatHunter.ai Calls Out the Second MFA Lie: “Compliance Says MFA = Job Done”
From ThreatHunter.ai
September 12, 2025
BeyondTrust Delivers Identity Security Controls for AI, Turning Agent Visibility into Action
From BeyondTrust
September 16, 2025
BeyondTrust logo
Editors' picks
Latest in Breaches
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.