Jaguar Land Rover (JLR) is extending its production shutdown for another week as it works to restore impacted systems following a cyber attack in late August.
"Today we have informed colleagues, suppliers and partners that we have extended the current pause in our production until Wednesday 24th September 2025," a JLR statement said.
“We have taken this decision as our forensic investigation of the cyber incident continues, and as we consider the different stages of the controlled restart of our global operations, which will take time."
The UK-based car manufacturer first revealed it was attacked on 2 September, initially shutting down systems to thwart attackers. This resulted in severe disruption for production lines at a spate of locations, including Solihull and Wolverhampton.
Last week, however, the manufacturer admitted that some data may have been accessed by hackers.
JLR hasn't identified any specific group or actor for the attack, though the Scattered Lapsus$ Hunters group has claimed responsibility with cryptic posts on Telegram, where it has also suggested ransomware was used on the JLR IT systems.
Data theft could come back to haunt Jaguar Land Rover
Cyber attacks that target and disrupt the production infrastructure of large manufacturers demonstrate just how intertwined cybersecurity and business resilience need to be, according to James McQuiggan, the CISO advisor at KnowBe4.
"When core systems are taken offline, the impact cascades through employees, suppliers, and customers, showing that business continuity and cyber defence should be indivisible,” McQuiggan said.
Beyond the immediate disruption, however, data theft during such incidents increases the long-term risks, from reputational damage to regulatory consequences, McQuiggan explained.
He advised organizations to regularly test and update their business continuity and incident response plans, strengthen supply chain risk assessments, and adopt zero trust principles to limit attacker movement.
“Just as important is addressing human risk, as social engineering remains the leading entry point for attackers,” McQuiggan said.
“Ongoing security awareness, phishing simulations, and behavior analysis of users in a human risk management program help users recognize and resist malicious tactics. By combining strong technical controls with a culture of cyber resilience, organizations can reduce their exposure and recover with greater confidence."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
CISA just published crucial new guidance on keeping Microsoft Exchange servers secureNews With a spate of attacks against Microsoft Exchange in recent years, CISA and the NSA have published crucial new guidance for organizations to shore up defenses.
-
US telco confirms hackers breached systems in stealthy state-backed cyber campaign – and remained undetected for nearly a yearNews The hackers remained undetected in the Ribbon Communications’ systems for months
-
Google says reports of a 'huge' Gmail breach affecting millions of users are false, againNews Reports of a major Gmail affecting millions of users have been flooding the web this week – Google says they're "false" and you've nothing to worry about.
-
Enterprises can’t keep a lid on surging cyber incident costsNews With increasing threats and continuing skills shortages, AI tools are becoming a necessity for some
-
Cyber researchers have already identified several big security vulnerabilities on OpenAI’s Atlas browserNews Security researchers have uncovered a Cross-Site Request Forgery (CSRF) attack and a prompt injection technique
-
CISA issues alert after botched Windows Server patch exposes critical flawNews A critical remote code execution flaw in Windows Server is being exploited in the wild, despite a previous 'fix'
-
Former NCSC head says the Jaguar Land Rover attack was the 'single most financially damaging cyber event ever to hit the UK' as impact laid bareNews Researchers said they place the UK financial impact of the attack on Jaguar Land Rover at around £1.9 billion.
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
