Yazılar

Jaguar Land Rover Hack Inflicts $2.5 Billion Blow to UK Economy, Report Finds

/in /tarafından

The cyberattack on Jaguar Land Rover (JLR), owned by India’s Tata Motors (TAMO.NS), has cost the UK economy an estimated £1.9 billion ($2.55 billion) and disrupted more than 5,000 organisations, according to a report published Wednesday by the Cyber Monitoring Centre (CMC).

The CMC, an independent body comprising cybersecurity experts including the former head of Britain’s National Cyber Security Centre, described the August attack as “the most economically damaging cyber event to hit the UK.” Most of the financial fallout, it said, stems from lost manufacturing output across JLR and its suppliers.

JLR was forced to halt production for nearly six weeks, affecting its three UK plants that together produce around 1,000 vehicles per day. The company began resuming operations earlier this month, but analysts estimated losses at roughly £50 million per week during the shutdown.

The British government extended a £1.5 billion loan guarantee in September to help JLR stabilize its supply chain and support affected partners. The CMC warned that total losses could climb higher if production takes longer than expected to return to normal levels.

“This incident highlights the scale of vulnerability in interconnected supply chains,” the CMC said, noting that the breach disrupted not only JLR’s assembly lines but also dealerships and logistics providers.

The attack was classified as a Category 3 systemic event — the third-highest severity level on the CMC’s five-tier scale — due to its widespread economic ripple effects.

The report also placed the incident among a series of major British cyber breaches in 2025, including one at Marks & Spencer (MKS.L) in April that caused an estimated £300 million ($400 million) in losses after shutting down its online platform for two months.

JLR declined to comment on the findings but is expected to release its financial results in November. The CMC report, which is funded by the insurance industry, said the event underscores the growing systemic risk cyberattacks pose to the UK’s industrial and economic stability.

Envoy Air hit by Oracle-linked cyberattack, confirms limited data exposure

/in /tarafından

Envoy Air, the largest regional carrier for American Airlines (AAL.O), confirmed on Friday that it was the victim of a cyberattack linked to Oracle (ORCL.N) E-Business Suite vulnerabilities, part of a broader hacking campaign carried out by the CL0P extortion group.

The Texas-based airline said it had launched an internal investigation and contacted law enforcement after discovering the breach, which affected systems connected to Oracle software.

“We have conducted a thorough review of the data at issue and have confirmed no sensitive or customer data was affected,” a company spokesperson said. “A limited amount of business information and commercial contact details may have been compromised.”

Envoy Air operates over 160 aircraft and 875 daily flights for American Airlines. The company is the second confirmed victim of the campaign, which cybersecurity experts say has exploited weaknesses in Oracle’s enterprise systems to infiltrate corporate networks.

The CL0P ransomware group, known for previous high-profile attacks on software providers, claimed responsibility and listed American Airlines on its website as one of the victims, though the airline said questions should be directed to Envoy.

Google’s cybersecurity team said earlier this month that the ongoing campaign may have been active for over three months, resulting in the theft of “mass amounts of customer data” from various organizations. Harvard University also confirmed it was targeted in a similar attack earlier this week.

The breach underscores the growing risks associated with third-party enterprise software, particularly as hackers increasingly exploit widely used business platforms for extortion.

UK’s Capita fined £14 million over 2023 cyber breach affecting 6.7 million people

/in /tarafından

Capita has been fined £14 million ($18.7 million) by the UK Information Commissioner’s Office (ICO) for failing to protect personal data during a 2023 cyberattack that compromised information belonging to 6.7 million individuals, the outsourcing firm said on Wednesday.

The company, which provides services to UK government departments and major corporations, said the fine was part of a settlement with the ICO. Capita had previously estimated that the breach could cost up to £20 million in financial damages.

The ICO report found that Capita failed to maintain adequate network protections, allowing unauthorized access and privilege escalation, and did not respond properly to early security alerts. The regulator said the case underscored the growing pressure on British companies to strengthen cyber defenses following major breaches at Marks & Spencer, Co-op, and Jaguar Land Rover.

“With so many cyber attacks in the headlines, our message is clear: every organization, no matter how large, must take proactive steps to keep people’s data secure,” said John Edwards, the UK’s Information Commissioner.

Capita said it has since introduced advanced cybersecurity measures and completed an internal overhaul of its digital infrastructure. “Following an extended period of dialogue with the ICO, we are pleased to have concluded this matter,” said CEO Adolfo Hernandez.

The firm expects a free cash outflow of £59 million–£79 million in 2025, up from previous guidance of £45 million–£65 million, but noted that all other financial targets remain unchanged.

According to the National Cyber Security Centre (NCSC), the number of “highly significant” cyber incidents in Britain has doubled year-on-year, reflecting growing systemic risks across the public and private sectors.