The cyberattack on Jaguar Land Rover (JLR) was severe enough to halt car production across its major UK plants for **over a month**, marking an unprecedented disruption in the company’s history. The attack’s ripple effects extended to JLR’s **entire supply chain**, prompting rare **government financial intervention** due to its systemic economic impact. The Bank of England (BoE) explicitly cited the incident as a key factor in the UK’s **slower-than-expected GDP growth (0.2% vs. projected 0.3%)**, estimating potential losses of **£2.1 billion ($2.75 billion) to the local economy** and **over £2 billion in lost revenues for JLR alone**. The Cyber Monitoring Centre classified it as a **Category 3 systemic event**, the first cyberattack in the UK to cause **material economic and fiscal harm at a national level**. The shutdown disrupted operations far beyond JLR, affecting suppliers and trade partners, with economists comparing its severity to crises like the **global financial downturn and COVID-19**—though uniquely crippling due to the **complete halt in production** for weeks.
Source: https://www.theregister.com/2025/11/07/bank_of_england_says_jlrs/
JLR cybersecurity rating report: https://www.rankiteo.com/company/jaguar-land-rover_1
"id": "jag0132201110725",
"linkid": "jaguar-land-rover_1",
"type": "Cyber Attack",
"date": "11/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'Automotive',
'location': 'United Kingdom',
'name': 'Jaguar Land Rover (JLR)',
'size': 'Large (Major global automaker)',
'type': 'Automotive Manufacturer'},
{'industry': 'Macroeconomic',
'location': 'United Kingdom',
'name': 'UK Economy',
'size': 'National',
'type': 'National Economy'},
{'industry': 'Automotive/Manufacturing',
'location': 'United Kingdom (primary), Global '
'(secondary)',
'name': 'JLR Supply Chain Partners',
'size': 'Extensive (multi-tiered)',
'type': 'Supply Chain Network'}],
'date_publicly_disclosed': '2023-10-05T00:00:00Z',
'description': 'The Bank of England (BoE) cited the cyberattack on Jaguar '
"Land Rover (JLR) as a key factor in the UK's "
'slower-than-expected GDP growth (0.2% in Q3 vs. 0.3% '
"projected). The attack halted JLR's production for nearly a "
'month, causing an estimated £2 billion in lost revenues and '
'up to £2.1 billion in broader economic damage. The UK '
'government intervened with financial support due to the '
"systemic impact on JLR's supply chain. The incident was "
'classified as a Category 3 systemic event by the Cyber '
'Monitoring Centre (CMC), marking the first time a cyberattack '
'caused material economic harm to the UK. The attack followed '
'a wave of cyber incidents targeting UK businesses, including '
'M&S, Co-op, and Harrods, linked to the Scattered Spider '
'group.',
'impact': {'brand_reputation_impact': ['Severe',
"Described as 'one of the worst "
"crises' in company history"],
'downtime': '1 month (full production halt)',
'financial_loss': '£2 billion (JLR alone), up to £2.1 billion '
'(local economy)',
'operational_impact': ['Complete shutdown of major plants',
'Supply chain disruptions',
'Government financial intervention '
'required'],
'revenue_loss': '£2 billion (JLR)',
'systems_affected': ['Production Plants',
'Supply Chain Systems',
'Operational Infrastructure']},
'initial_access_broker': {'high_value_targets': ['Production Systems',
'Supply Chain Networks']},
'investigation_status': 'Ongoing (threat actor attribution unconfirmed; '
'economic impact assessment complete)',
'lessons_learned': ['First cyberattack in UK history to cause material '
'economic/fiscal harm at national level.',
'Supply chain vulnerabilities can amplify systemic risks '
'beyond the primary target.',
'Government intervention may be required for cyber '
'incidents with macroeconomic consequences.',
'Urgent need for businesses to prioritize cybersecurity '
'as a matter of national resilience (per NCSC warnings).'],
'motivation': ['Financial Gain', 'Disruption'],
'post_incident_analysis': {'corrective_actions': ['Government-led review of '
'critical infrastructure '
'cybersecurity standards.',
"JLR's overhaul of "
'production system '
'resilience and backup '
'protocols.',
"NCSC's call for mandatory "
'cybersecurity audits for '
'nationally significant '
'organizations.'],
'root_causes': ['Inadequate cybersecurity measures '
'to prevent systemic operational '
'disruption.',
'Supply chain interdependencies '
'amplified economic impact.',
'Possible exploitation of '
'unpatched vulnerabilities or '
'insider threats (unconfirmed).']},
'recommendations': ['Implement robust supply chain cybersecurity protocols to '
'mitigate systemic risks.',
'Enhance collaboration between private sector and '
'government for critical infrastructure protection.',
"Adopt NCSC's urgency-based cybersecurity frameworks to "
'reduce exposure to nationally significant attacks.',
'Review and stress-test incident response plans for '
'scenarios with macroeconomic implications.'],
'references': [{'date_accessed': '2023-10-05',
'source': 'Bank of England (BoE) Rates Decision Announcement'},
{'date_accessed': '2023-10-05',
'source': 'Office for Budget Responsibility (OBR) Report '
'(2021)'},
{'date_accessed': '2023-10-28',
'source': 'Cyber Monitoring Centre (CMC) Category 3 Systemic '
'Event Classification'},
{'date_accessed': '2023-10-05',
'source': 'University of Birmingham (David Bailey, Professor '
'of Business Economics)'},
{'date_accessed': '2023-09-01',
'source': 'National Cyber Security Centre (NCSC) Annual '
'Review'}],
'regulatory_compliance': {'regulatory_notifications': ['Bank of England '
'(economic impact '
'disclosure)',
'Office for Budget '
'Responsibility (OBR) '
'assessment']},
'response': {'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['Government financial intervention',
'Gradual restart of production'],
'third_party_assistance': ['UK Government (financial support)']},
'stakeholder_advisories': ['Bank of England: Cited cyberattack as factor in '
'GDP growth revision.',
'UK Government: Provided financial support to JLR '
'due to systemic risk.',
'NCSC: Warned of 50% increase in nationally '
'significant cyberattacks (204 in 2023 vs. 89 in '
'2022).'],
'threat_actor': ['Scattered Spider (suspected, unconfirmed)'],
'title': 'Cyberattack on Jaguar Land Rover (JLR) Disrupts UK GDP Growth',
'type': ['Cyberattack', 'Systemic Economic Disruption', 'Supply Chain Impact']}