Jaguar Land Rover admits data may have been stolen in cyber attack – Tech Digest

Share

Jaguar Land Rover (JLR) has confirmed that data was likely compromised in a recent cyber-attack that has forced the company to halt production, sending workers home and stopping the worldwide output of around 1,000 vehicles a day.

The admission comes 11 days after the incident began, which has brought production lines at the Solihull, Halewood, and Wolverhampton plants to a standstill.

Initially, the car manufacturer, owned by India’s Tata Motors, stated it believed no customer information had been stolen. However, the company has since changed its stance, conceding that “some data has been affected.”

JLR has declined to specify whether the information belonged to customers, suppliers, or the company itself, but has begun informing relevant regulators.

A group known as Scattered Lapsus$ Hunters, which was also responsible for cyber-attacks on UK retailers including M&S, has claimed responsibility for the breach. JLR’s forensic investigation is ongoing, and the company has stated it will contact those impacted as they are identified.

The full implications of the attack extend beyond the stolen data, as the operational disruption is proving to be a significant challenge for the automaker.

Ciaran Martin, a professor at the University of Oxford and former head of the National Cyber Security Centre, underscored this point in an interview. “There’s a real difference between somebody breaking into your house… and using that to defraud you,” Martin said, comparing the data breach to “being punched in the face and having your legs broken” in reference to the operational impact.

He argues that while law mandates protecting customer data as a top priority, securing a firm’s day-to-day operations is just as critical.

The government is also closely monitoring the situation. Chris Bryant, the newly-appointed business minister, told MPs that officials were “engaging with JLR on a daily basis to understand the challenges that the company and its suppliers are facing.”

The company has shut down its IT networks in response to the attack and is now engaged in the complex process of restarting its systems, with assistance from the National Cyber Security Centre. The affected plants are not expected to resume production until Thursday at the earliest.

For latest tech stories go to TechDigest.tv