Jaguar Land Rover Scrambles to Contain Cyber Breach That Halted Production

Jaguar Land Rover (JLR) said Friday it is working “at pace” to restore operations after a major cyber incident forced it to shut down systems, halting both retail and production activities. The breach, disclosed earlier this week, has left thousands of factory workers at home until at least Tuesday as the company attempts a controlled restart of global applications.

Owned by India’s Tata Motors, JLR stressed there is no evidence customer data has been stolen so far. The company described the attack as “severely disruptive” to its operations across its three British car plants, where it employs around 33,000 people, making it the UK’s largest automotive employer.

The disruption adds to JLR’s mounting challenges. The company already reported an 11% sales drop in July, partly due to a U.S. export pause after Trump’s car import tariffs, and has cut its 2026 profit margin target from 10% to 5%-7%. Like other European automakers, it also faces weak demand in China and slower sales in Europe.

The attack mirrors a global trend of escalating ransomware campaigns hitting household names. Earlier this year, Marks & Spencer estimated its own cyber breach cost about £300 million ($405 million) in lost profit. Analysts warn that JLR’s recovery could also come with significant financial fallout if disruptions stretch beyond next week.