https://media.jaguarlandrover.com/news/2025/09/statement-cyber-incident-2
Jaguar Land Rover (JLR), the British automotive giant, has announced that it will extend the production shutdown at its facilities for an additional week, following a severe cyberattack that disrupted its operations at the end of August.
The company, which employs around 39,000 people and produces over 400,000 vehicles annually with a reported revenue of over $38 billion, has been working to resume operations since the attack was first disclosed on September 2nd. However, the company has now informed its employees, suppliers, and partners that production will not resume until Wednesday, September 24th, 2025.
In a statement, JLR cited the ongoing forensic investigation into the cyber incident and the need to carefully consider the different stages of a controlled restart of its global operations as the reasons for the extended shutdown. The automaker has yet to attribute the attack to a specific cybercrime group, though a group calling itself “Scattered Lapsus$ Hunters” has claimed responsibility and stated that they have deployed ransomware on JLR’s compromised systems.
While JLR has confirmed that the attackers stole “some data” during the breach, the company has not provided further details on the extent of the data theft or its potential impact on customers. The situation underscores the growing threat of sophisticated cyberattacks targeting critical industries, and the significant disruptions they can cause to global supply chains and manufacturing operations.