A catastrophic cyberattack on Jaguar Land Rover, the UK’s largest automaker, disrupted its global manufacturing operations, halting production lines for weeks across at least three UK plants. The attack also crippled dealer systems, causing intermittent unavailability, and led to cancelled or delayed orders for suppliers, creating widespread uncertainty. The financial toll reached an estimated **£1.9 billion ($2.5 billion)**, surpassing the economic damage of the 2017 WannaCry attack. The incident was severe enough to reduce the UK’s GDP growth by 0.2% in the quarter, per the Bank of England, marking it as the most economically devastating cyberattack in British history. While no customer data theft was confirmed, the attack paralyzed industrial production—a rare and extreme outcome for cyber incidents. Evidence suggests the attack involved **ransomware**, with hackers encrypting systems and demanding payment for restoration, though the company took nearly a month to partially resume operations. The ripple effects extended to dealerships, parts suppliers, and export markets, notably the U.S.
JLR cybersecurity rating report: https://www.rankiteo.com/company/jaguar-land-rover_1
"id": "jag4432644111125",
"linkid": "jaguar-land-rover_1",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'Automotive',
'location': 'United Kingdom',
'name': 'Jaguar Land Rover',
'size': 'Large (U.K.’s largest automaker)',
'type': 'Automotive Manufacturer'},
{'industry': 'Automotive',
'location': 'Global (primarily U.K.)',
'name': 'U.K. Automotive Suppliers (multiple)',
'type': 'Supply Chain Partners'},
{'industry': 'Automotive',
'location': 'Global',
'name': 'Jaguar Land Rover Dealerships',
'type': 'Retail'}],
'customer_advisories': ['Public acknowledgment of disruption (2024-09-02)'],
'data_breach': {'data_exfiltration': 'No (publicly reported)',
'number_of_records_exposed': '0',
'personally_identifiable_information': 'No',
'sensitivity_of_data': 'None',
'type_of_data_compromised': 'None (publicly reported)'},
'date_detected': '2024-08-01',
'date_publicly_disclosed': '2024-09-02',
'description': 'A cyberattack against British car manufacturer Jaguar Land '
'Rover, the U.K.’s largest automaker, caused a severe '
'disruption in industrial production, leading to a 0.2% '
'reduction in the country’s GDP growth. The attack, which '
'began in August 2024, resulted in an estimated financial loss '
'of £1.9 billion ($2.5 billion), halting production lines for '
'weeks, disrupting dealer systems, and affecting global supply '
'chains. The incident is suspected to be ransomware-related, '
'though no official attribution has been made. The fallout '
'surpassed the economic impact of the 2017 WannaCry attack, '
'making it the most economically devastating cyberattack in '
'British history.',
'impact': {'brand_reputation_impact': 'Severe (economic and operational '
'disruption)',
'data_compromised': 'None (publicly reported)',
'downtime': 'Several weeks (production halt)',
'financial_loss': '£1.9 billion ($2.5 billion)',
'identity_theft_risk': 'None (publicly reported)',
'operational_impact': ['Total shutdown of industrial production',
'Cancelled/delayed supplier orders',
'Uncertainty in future order volumes'],
'payment_information_risk': 'None (publicly reported)',
'systems_affected': ['Production lines',
'Dealer systems',
'Supply chain management systems']},
'initial_access_broker': {'high_value_targets': ['Industrial production '
'systems',
'Dealer networks']},
'investigation_status': 'Ongoing (specifics unclear as of 2024-10-03)',
'motivation': ['Financial gain (suspected)', 'Disruption'],
'ransomware': {'data_encryption': 'Suspected (based on operational '
'disruption)'},
'references': [{'date_accessed': '2024-10-03',
'source': 'Bank of England Quarterly Monetary Policy Report'},
{'date_accessed': '2024-10-03',
'source': 'NBC News - Interview with Ciaran Martin (Cyber '
'Monitoring Centre)'},
{'date_accessed': '2024-09-XX',
'source': 'Cyber Monitoring Centre Report on Jaguar Land '
'Rover Hack'},
{'date_accessed': '2024-09-XX',
'source': 'BBC - Hacker Group Claim (Telegram, now deleted)'}],
'response': {'communication_strategy': ['Public acknowledgment on 2024-09-02',
'No further details provided'],
'incident_response_plan_activated': 'Yes (implied by public '
'acknowledgment and recovery '
'efforts)',
'remediation_measures': ['Resuming manufacturing after ~4 '
'weeks']},
'title': 'Catastrophic Cyberattack on Jaguar Land Rover Disrupts U.K. GDP',
'type': ['Cyberattack', 'Ransomware (suspected)']}