• Home
  • cyber
  • Jaguar Land Rover and SAP: Jaguar Land Rover failed to finish cyber insurance purchase
cyber Cyber Attack

Jaguar Land Rover and SAP: Jaguar Land Rover failed to finish cyber insurance purchase

Sep 24, 2025 2 min read
Jaguar Land Rover and SAP: Jaguar Land Rover failed to finish cyber insurance purchase

Jaguar Land Rover Hit by Costly Cyberattack as Insurance Gap Leaves It Exposed

Jaguar Land Rover (JLR), the UK’s largest automaker, is grappling with the fallout of a severe cyberattack that has forced three factories offline until at least October 1. The financial impact is estimated at £50 million ($68 million) per week, with over 30,000 employees idled and suppliers facing financial strain. The attack has been attributed to the hacking group Scattered Spider, which previously targeted British retailers, and may have exploited a vulnerability in SAP software, raising concerns about vendor governance and patch management.

Unlike Marks & Spencer, which recently suffered a breach by the same group but is expected to recover over £100 million through its cyber insurance program, JLR lacks coverage. The company had been negotiating a policy through broker Lockton but failed to finalize the deal before the attack. Without insurance to offset business interruption losses, JLR is bearing the full cost of the shutdown, highlighting the risks of gaps in cyber coverage particularly for manufacturers reliant on just-in-time production and complex supply chains.

The incident has sent ripples through the cyber insurance market, serving as a stress test for underwriters ahead of the autumn renewal season. It underscores the existential vulnerabilities of operating without coverage in an era of increasingly sophisticated attacks on operational technology. The shutdown has also drawn government attention, with UK industry minister Chris McDonald pledging support to stabilize JLR and its supply chain. Meanwhile, the Unite trade union has warned of potential job losses across the 104,000 roles tied to JLR’s production, and S&P Global has noted the broader economic impact in its latest UK manufacturing survey.

JLR is preparing a phased restart plan, but the attack has already become a cautionary case study for enterprises on the consequences of incomplete cyber insurance placement.

Source: https://www.insurancebusinessmag.com/us/news/cyber/jaguar-land-rover-failed-to-finish-cyber-insurance-purchase-550678.aspx

SAP cybersecurity rating report: https://www.rankiteo.com/company/sap

JLR cybersecurity rating report: https://www.rankiteo.com/company/jaguar-land-rover_1

"id": "SAPJAG1773959105",
"linkid": "sap, jaguar-land-rover_1",
"type": "Cyber Attack",
"date": "9/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Automotive',
                        'location': 'UK',
                        'name': 'Jaguar Land Rover (JLR)',
                        'size': 'Largest UK automaker',
                        'type': 'Automaker'}],
 'attack_vector': 'Vulnerability exploitation (SAP software)',
 'description': 'Jaguar Land Rover (JLR), the UK’s largest automaker, is '
                'grappling with the fallout of a severe cyberattack that has '
                'forced three factories offline until at least October 1. The '
                'financial impact is estimated at £50 million ($68 million) '
                'per week, with over 30,000 employees idled and suppliers '
                'facing financial strain. The attack has been attributed to '
                'the hacking group Scattered Spider, which previously targeted '
                'British retailers, and may have exploited a vulnerability in '
                'SAP software, raising concerns about vendor governance and '
                'patch management.',
 'impact': {'downtime': 'Until at least October 1',
            'financial_loss': '£50 million ($68 million) per week',
            'operational_impact': '30,000 employees idled, supply chain '
                                  'disruption',
            'systems_affected': 'Three factories offline'},
 'lessons_learned': 'Highlights risks of gaps in cyber coverage and '
                    'vulnerabilities in operational technology for '
                    'manufacturers reliant on just-in-time production.',
 'post_incident_analysis': {'root_causes': 'Potential SAP software '
                                           'vulnerability, lack of cyber '
                                           'insurance coverage, vendor '
                                           'governance and patch management '
                                           'issues'},
 'references': [{'source': 'S&P Global UK manufacturing survey'}],
 'response': {'recovery_measures': 'Phased restart plan'},
 'stakeholder_advisories': 'UK industry minister Chris McDonald pledged '
                           'support to stabilize JLR and its supply chain.',
 'threat_actor': 'Scattered Spider',
 'title': 'Jaguar Land Rover Hit by Costly Cyberattack as Insurance Gap Leaves '
          'It Exposed',
 'type': 'Cyberattack',
 'vulnerability_exploited': 'SAP software vulnerability'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.