Jaguar Land Rover cyberattack caused £1.9 billion hit, most damaging in UK history: Report

The recent cyberattack that crippled Jaguar Land Rover’s manufacturing network has caused an estimated £1.9 billion in economic losses, the most damaging cyber incident ever recorded in the United Kingdom, according to an assessment published by the Cyber Monitoring Centre (CMC).

The CMC, an independent body that tracks major cyber incidents, classified the event as a Category 3 systemic incident on its five-point scale, which shows its deep impact on the UK economy and supply chains.

The watchdog said the attack affected more than 5,000 UK organisations, mostly linked to JLR’s manufacturing and supplier network.

Production at the automaker’s key plants in Solihull, Halewood and Wolverhampton was halted for nearly five weeks after JLR shut down its IT systems in late August, disrupting vehicle output, supply chains and dealership operations.

The estimated financial impact stemmed largely from lost manufacturing output at JLR and its suppliers, as well as reduced vehicle sales and supply chain interruptions. It did not include potential ransom payments or losses from data theft, which were not believed to be material.

“This incident appears to be the most economically damaging cyber event ever to hit the UK,” the CMC said, adding that the scale of operational disruption “dwarfs” losses seen in previous known data breach incidents.

The centre warned that the event underscored the rising risk of disruptive attacks targeting operational technology, noting that modern manufacturing systems are highly exposed to digital shutdowns that ripple through national supply chains.

The CMC, however, assumed the company would not need to draw on the funds.

“We have assumed that JLR will manage to work with key suppliers to ensure that they remain solvent and able to recover,” it said.

While details of the attack remain unclear, the decision by JLR to take its systems offline “suggests there was at least a significant risk that attackers had reached, or would reach, sensitive operational infrastructure,” the report said.

The cyber disruption also hit thousands of small suppliers across the UK’s automotive industry, forcing some to cut pay, reduce hours or lay off workers, the CMC said. It warned that prolonged shutdowns in key industrial sectors could have lasting social and regional economic consequences.

The watchdog urged boards and regulators to prioritise resilience of operational systems, not just data protection, and called on companies to re-evaluate their cyber insurance and supply chain risk strategies.

“This event demonstrates how a cyber attack on a single manufacturer can reverberate across regions and industries, from suppliers to transport and retail,” the CMC said.

Jaguar Land Rover, owned by Tata Motors, has not disclosed details about the nature of the attack. The company said earlier this month it had resumed limited production and was working with cybersecurity experts to restore full operations.