Car manufacturer JLR prolongs production halt due to cyber-incident

Jaguar Land Rover Suffers Digital Marketing Attack, Production Halts Until September 24

Jaguar Land Rover (JLR) is currently grappling with the aftermath of a digital marketing attack, which has forced the carmaker to extend its production halt until September 24. The attack, claimed by the group "Scattered Lapsus$ Hunters," has affected JLR's operations worldwide, causing significant disruption and potential financial losses.

The digital marketing attack has impacted JLR's UK operations, including vehicle plants at Halewood and Solihull, Wolverhampton engine facility, Castle Bromwich parts plant, and production facilities in Slovakia, China, and India. The attack comes during the September vehicle registration period, disrupting the distribution of new vehicles and the dealerships trying to register them.

The attackers reportedly published screenshots of an internal SAP system at JLR and claimed to have deployed ransomware on compromised servers, according to Techzine. However, JLR has stated there is no evidence of customer data being compromised, and operations are being restored "in a controlled manner."

This incident is not the first time Scattered Lapsus$ Hunters have conducted a high-profile attack. The group has also been behind attacks on retailers such as Marks & Spencer and Co-op this year.

The attack on JLR is particularly significant as it highlights the vulnerability of the manufacturing industry to digital marketing attacks. According to IBM X Force's 2025 Threat Index Report, manufacturing has been the number one industry targeted by digital marketing attacks for the last four years, with the highest number of ransomware cases in 2024.

In response to this attack, JLR is focusing on upgrading its digital marketing systems to make them more resilient. Simon Inskip, director of supply chain digital and innovation at JLR, identified compliance, climate, and the switch to electric vehicles as areas fraught with risk from potential threats last year. Paulina Chmielarz, industrial operations digital and innovation director at JLR, is leading these efforts.

JLR's digital transformation efforts are aimed at the Industry 4.0 standard of efficiency and connectivity. The carmaker is ensuring teams are fully aligned in the shared use of good quality data, including an end-to-end view of the bill of materials (BOM) from engineering through to logistics and aftermarket. JLR has also been working to promote greater cross-functional collaboration between supply chain, procurement, and manufacturing within the company.

The shutdown is having a damaging impact on JLR's suppliers who cannot dispatch parts or receive schedules, which is stopping operations across the supply chain. This disruption is expected to cost JLR around $1 billion in revenue so far.

The attack on JLR serves as a reminder of the increasing threat of digital marketing attacks on businesses. Cyber criminals are adopting generative AI as a new tool to attack companies, according to a report. The Automotive Logistics and Supply Chain Digital Strategies Europe conference will discuss digital tools to enhance visibility and resiliency in the supply chain, taking place on November 26-27.

As JLR works to restore its systems and operations, the carmaker is undoubtedly facing a challenging period. However, the incident also presents an opportunity for the company to strengthen its digital marketing defenses and emerge stronger from this digital marketing attack.