Jaguar Land Rover said on Tuesday that it has extended its current pause in production until September 24, following a disruption from a cybersecurity incident disclosed earlier this month, according to Reuters.
The announcement marks the latest in a series of extensions since the cyberattack first struck on August 31, forcing the company to proactively shut down its global IT systems.
The Tata Motors-owned carmaker has been “working at pace to restart our global applications in a controlled manner” since the attack began, but recovery efforts have proven more complex than initially anticipated.
Suppliers Brace for Extended Shutdown
Meanwhile, The Telegraph reported on Sunday that the crisis could extend far longer than officially acknowledged. Jaguar Land Rover’s suppliers have been warned that car production may not resume until November as the fallout from a devastating cyber attack grows, according to the publication’s reporting.
Industry sources told The Telegraph that senior JLR figures were divided on how long the shutdown would drag on – but claimed they were told that a November restart was credible. One person briefed on the situation said: “They’re thinking it’s November before they get to production again.”
Massive Financial and Operational Impact
The production halt has already had severe consequences across JLR’s global operations. Every day of halted production is reportedly costing the Tata-owned automaker approximately £5m ($6.8m), according to Manufacturing Digital.
A shutdown until November would prevent JLR from producing almost 50,000 cars and cost billions of pounds in lost sales, The Telegraph noted. The company typically produces around 1,000 vehicles daily, meaning the extended shutdown represents a massive operational disruption.
The timing has been particularly damaging, coinciding with September 1’s new vehicle registration plate release – traditionally one of the busiest periods for UK car sales.
Supply Chain Under Severe Pressure
The crisis extends well beyond JLR’s own facilities, with as many as 250,000 people work in JLR’s supply chain potentially affected, according to Professor David Bailey of Birmingham University. The company’s suppliers under significant financial pressure, with some likely to go bust without outside support, The Telegraph reported.
Multiple suppliers have already instructed their workers to stay home, creating a cascading effect throughout the automotive ecosystem. Suppliers dependent on JLR’s systems describe being locked out of “a giant database” blackout, leaving them unable to fulfil orders or dispatch critical parts.
Investigation
The breach has been attributed to the Scattered Spider cybercrime group, notorious for targeting prominent retailers, including Marks & Spencer, according to cybersecurity experts. The group has reportedly shared screenshots purporting to show access to JLR’s internal systems.
While JLR initially stated there was no evidence of customer data theft, the company later confirmed that data has been compromised, alongside severe disruption to its operations.
Government and Industry Response
The crisis has prompted calls for government intervention. Unite general secretary Sharon Graham added the call for government to defend jobs when industries are under attack, while academic experts have urged ministers to consider emergency financial support for vulnerable suppliers.
Business minister Sir Chris Bryant said it was too early to determine whether the attack was state-sponsored, according to Digital Watch Observatory.
Global Operations Affected
The shutdown affects not only UK facilities in Solihull, Halewood, and Wolverhampton, but also international operations. The cyber attack that paralysed Jaguar Land Rover’s operations earlier this month serves as a case study for manufacturing executives battling rising cyber threats. The British luxury carmaker – a subsidiary of Tata Motors in India – experienced a significant system shutdown, forcing factory closures in the UK, China, Slovakia and India.
Recovery Efforts Continue
JLR has maintained that it is “working at pace to restart our global applications in a controlled manner” while working with law enforcement and cybersecurity specialists. However, the company has not provided a definitive timeline for full operational recovery.
The incident represents one of the most significant cyberattacks on a major automotive manufacturer in recent years, highlighting the vulnerability of increasingly digitized manufacturing operations to sophisticated cyber threats.