LONDON, October 31 (Market Insider) – A crippling cyberattack on Jaguar Land Rover (JLR) has rocked the United Kingdom’s manufacturing sector, leaving experts warning that the country’s cyber resilience is dangerously underprepared. The attack, estimated to have cost around $2.5 billion, is now regarded as the most expensive security breach in British history, with ripple effects extending far beyond the automaker’s production lines.
JLR, the U.K.’s largest car manufacturer and one of its most important exporters, was forced to halt production at multiple factories worldwide after reporting a “cyber incident” on September 2. More than a month later, the company is still only gradually restarting operations. The scale of the disruption has been staggering—wholesale deliveries reportedly plunged 25% year-on-year in the second quarter, while Jaguar’s sales across the European Union have fallen nearly 80% so far this year.
“This wasn’t just another cyber headline. It was a macroeconomic event, and a very serious one for the U.K.,” said Edward Lewis, director at the Cyber Monitoring Centre, in an interview with CNBC. Lewis warned that Britain’s cyber threat landscape has shifted sharply, moving from data theft and ransomware toward direct economic sabotage.
The economic fallout has been swift. In the West Midlands—home to JLR’s main facilities—eight in ten businesses reported being negatively impacted, with 14% already laying off workers. The plant shutdown was so severe it was cited by S&P Global as a key factor behind the U.K.’s manufacturing PMI drop to a six-month low of 46.2, signaling deep contraction.
The hack is believed to have been orchestrated by Scattered Lapsus$ Hunters, a loose coalition of cybercriminal groups that includes the notorious Scattered Spider—previously linked to attacks on British retailers such as Marks & Spencer and Co-op. The National Crime Agency has launched an investigation.
The incident comes as Britain’s National Cyber Security Centre (NCSC) warns of an alarming surge in digital attacks, with the country now facing four major cyber incidents every week—a record high. In October, the NCSC and Treasury officials, including Finance Minister Rachel Reeves, sent letters to the CEOs of all FTSE 350 companies urging them to strengthen their defenses, warning: “Don’t wait for the breach—act now.”
Adding to the controversy, attention has turned to JLR’s parent company Tata Group, whose IT arm, Tata Consultancy Services (TCS), manages parts of the automaker’s digital infrastructure. JLR expanded its partnership with TCS in late 2023 under an $1 billion contract aimed at creating a “simplified and leading-edge IT system.” But the same firm also managed IT services for Marks & Spencer and Co-op—both recent cyberattack victims. While TCS insists its own networks were not compromised, U.K. lawmakers have demanded greater transparency into the company’s role in the expanding crisis.
The British government has scrambled to contain the fallout. Officials have offered loan guarantees worth up to $1.9 billion to stabilize JLR’s supply chain and prevent cascading bankruptcies among local suppliers. But the revelation that JLR lacked cyber insurance has raised uncomfortable questions about whether taxpayers should shoulder the burden for corporate vulnerabilities.
“The price of saving good companies is a lot cheaper than losing them,” the Confederation of British Metalforming said, calling for longer-term support. Yet cybersecurity experts warn that government bailouts risk creating a “moral hazard,” discouraging companies from investing adequately in their own digital resilience.
JLR, which accounts for roughly 4% of the U.K.’s total goods exports, has long been a cornerstone of British manufacturing. But this attack, analysts say, marks a turning point—proof that cybersecurity is now a matter of national economic security.
“The real conversation,” Lewis emphasized, “should be about turning resilience into value. We need a collective national understanding of just how big this threat has become—and what it means for Britain’s future competitiveness.”
By Market Insider Editorial Desk – providing global readers with the latest on cybersecurity, manufacturing, and the U.K.’s industrial outlook.
