Government

Cyberattack on JLR Prompts £1.5 Billion UK Government Intervention

The government has announced a support package, but a cybersecurity expert has raised some concerns.

The UK government has announced a £1.5 billion ($2 billion) loan guarantee for Jaguar Land Rover (JLR) in response to the highly disruptive cyberattack that recently hit the carmaker.

The government made the announcement on Sunday, saying that the support package is meant to “give certainty to its supply chain following a recent cyber-attack”.

“The loan from a commercial bank, backed by the Export Development Guarantee (EDG) provided by export credit agency UK Export Finance, will be paid back over five years and bolster JLR’s cash reserves so it can support its supply chain which has been greatly impacted by the shutdown,” the government said.

The government’s announcement points out that JLR is one of the UK’s largest exporters and is responsible for one of the largest automotive sector supply chains in the country. Roughly 34,000 people are employed directly by JLR and 120,000 in supply chain operations. 

Some experts believe the bailout will encourage cybercriminals to continue targeting UK companies with weak cybersecurity. 

“Personally I think the UK is going to be one to watch now,” said cybersecurity researcher Kevin Beaumont, who has been monitoring this and other major cyber incidents, “if I was an e-crime threat actor, I’d zero in on the UK.”

Advertisement. Scroll to continue reading.

Insurance news website The Insurer reported last week that JLR had failed to secure cyberinsurance ahead of the hacker attack, claims that the carmaker has refused to confirm or deny. 

The Guardian reported that JLR, which is owned by Tata Group, has outsourced cybersecurity and other IT services to Tata Consultancy Services (TCS), which also works with Marks & Spencer and Co-op, both believed to have been targeted by Scattered Spider, the same cybercrime group that has taken credit for the attack on JLR.

The cyberattack, discovered in late August, resulted in severe disruptions to the company’s internal systems and the shutdown of production lines. 

In a statement issued on September 25, JLR said it had managed to restore “sections of its digital estate”, including systems related to invoicing, parts logistics, and sales. On September 29, the company said some of its manufacturing operations will “resume in the coming days”.  JLR previously said production would resume on October 1 at the earliest. 

The company admitted that the cyberattack resulted in a data breach, but it has yet to clarify what type of information has been compromised. 

JLR has also yet to make public any estimate on the cyberattack’s financial impact. The British retailers believed to have been targeted recently by Scattered Spider reported losses of hundreds of millions of pounds. Co-op last week reported £206 million ($275 million) in lost sales, while Marks & Spencer in May estimated losses of £300 million ($400 million). 

Related: Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover

Related: Cost of Data Breach in US Rises to $10.22 Million, Says Latest IBM Report

Related: Wytec Expects Significant Financial Loss Following Website Hack

Related Content

Artificial Intelligence

ChatGPT maker OpenAI said Friday it is restricting the release of its new artificial intelligence model at the request of President Donald Trump’s administration.

ICS/OT

Mandiant has helped the California water utility investigate the cyberattack launched by Iranian hacker group Handala.

Artificial Intelligence

Come vulnerabilities were found within hours, but that does not mean the model was able to exploit them within that time, the official said.

Data Protection

Federal agencies are required to transition high-value assets and high-impact systems to use PQC by the end of 2030 and 2031.

Government

NSPM-12 establishes a clear structure for NSS cybersecurity governance and accountability and reestablishes CNSS.

Government

The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries.

Artificial Intelligence

The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to...

Cyberwarfare

The speech is the latest in a string of warnings from intelligence experts that Russia is stepping up hostile activity in a “gray zone”...

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version