Jaguar Land Rover (JLR) is inching back to life after being forced to shut down for more than a month following a major cyberattack that hit at the end of August.
The attack froze its systems and halted output at its three UK factories (in Solihull, Wolverhampton, and Halewood), costing the company an estimated £50 million a week in lost production. The UK government, through UK Export Finance, stepped in with a £1.5 billion loan guarantee to stop the crisis from spreading through the supply chain.
The loan will help JLR clear overdue supplier payments and keep smaller businesses afloat. About 30,000 people work directly for JLR in Britain, and another 100,000 depend on it through parts and service contracts, many of which were close to running out of cash.
Moreover, local businesses around JLR’s sites were also feeling the hit. Cafés, car-hire services, and even small takeaways lost regular income as factory traffic vanished. Economists warned that without quick support, layoffs could spread while the U.K. carmaker was already grappling with U.S. tariff pressures—threatening the skilled workforce and the industrial backbone of the Black Country.
Now after weeks of shutdown, JLR is bringing workers back in phases. The first sites to reopen were its Wolverhampton engine plant and battery centre in Hams Hall. Teams at Solihull, Halewood, and Castle Bromwich are also returning to restart body and paint operations before full vehicle production resumes. The company has promised to fast-track payments to key suppliers, paying some invoices up to 120 days earlier than usual so that parts can begin moving again.
The hack, claimed by a group calling itself Scattered Lapsu$ Hunters, exposed just how vulnerable even a large carmaker can be. The group had previously targeted major retailers and tech firms, but this attack effectively froze one of the UK’s biggest manufacturers. Reports suggest JLR didn’t yet have full cyber-insurance coverage when the breach occurred, leaving it to bear the recovery costs itself.
Experts say the incident highlights a bigger problem with how dependent modern industries are on shared digital systems. Cybersecurity specialists note that JLR’s “just-in-time” production model meant even a short outage stopped the flow of parts entirely. They call for companies to establish stronger backup networks, including better segmentation between systems, and insurance plans that cover both direct damage and supplier disruption.
Observers have also warned that the UK’s car supply chain is stretched too thin and is at a point where government support is essential to prevent small manufacturers from collapsing. While some MPs continue to criticise ministers for reacting too slowly, unions and local leaders called the loan guarantee an important step in protecting jobs and skills across the Midlands and Merseyside.
For now, JLR is focused on recovery, with cybersecurity teams and the National Cyber Security Centre still investigating how the breach unfolded. This cyberattack exposed how one digital hit can paralyse a modern automaker. As vehicles become smarter, electric, and constantly connected, the risk only grows. Analysts warn that even global EV makers like Tesla and BYD, built on shared networks and cloud systems, could face similar dangers.
Still, the bigger question now is whether the auto industry is ready for a future where one breach could bring fleets of intelligent, electric cars to a sudden stop—or even send them into overdrive.
