The attack has halted vehicle production at JLR’s plants in the UK and Slovakia for three weeks, with no new cars produced since the start of the month. About 33,000 workers at JLR’s Solihull, Halewood and Wolverhampton plants have been told not to report for duty, though the company says no jobs are at risk. JLR normally produces around 1,000 cars a day.
The company confirmed that some data was affected in the attack, raising concerns about customer information being compromised. Hackers calling themselves “Scattered Lapsus$ Hunters” claimed responsibility, saying they exploited a flaw in third-party SAP NetWeaver software. The group has previously targeted UK retailer Marks & Spencer.
JLR first noticed problems on September 1 when dealers were unable to register cars on “new plate day,” one of the busiest sales dates in the UK. On September 2, the company shut down its systems to contain the breach. Screenshots of JLR’s internal systems have since surfaced online.
JLR says it is restoring global applications “in a controlled and secure manner” with the help of cybersecurity experts. Police are also involved in the investigation. Losses from halted operations are estimated at up to Rs 60 crore a day.
Suppliers have been hit hard. German parts maker Eberspächer suspended production at its Nitra, Slovakia, plant, which makes exhaust systems for JLR. Around 30 workers are either on leave or working reduced hours with 80% pay. Other firms in the supply chain, such as quality-control provider Hollen, have also cut back operations.
Industry executives warn that layoffs and bankruptcies among suppliers may follow if JLR’s shutdown continues. Former Aston Martin CEO Andy Palmer said several subcontractors are already scaling back.
JLR’s Nitra factory produces about 130,000 vehicles annually, including the Discovery and Defender models, and employs 4,000 people. Its closure has disrupted a wide network of parts makers in the region.
UK lawmakers discussed the incident in Parliament last week, including whether the attack could have been state-sponsored. Officials said it is too early to confirm such speculation.
JLR has apologised for the disruption and promised further updates as recovery progresses.
(With input from agencies)
/images/ppid_59c68470-image-17580100716088018.webp)
/images/ppid_59c68470-image-1758007566977377.webp)
/images/ppid_a911dc6a-image-175808365134089268.webp)
