8:06 am, September 11, 2025
Cyber criminals who hacked into JLR’s global IT systems have accessed ‘some data’, the carmaker has confirmed.
The British outfit says that information has been compromised and it is now working to inform anyone who has been affected.
The news represents a major blow to the embattled firm, which insisted last week that there was ‘no evidence’ of data being stolen.
However, within days of that claim, the company referred itself to the Information Commissioner’s Office (ICO) and bosses are now working to inform regulators about what exactly has been breached.
The firm’s production plants remain halted as a result of attack, with multiple reports saying that staff have been told not to return until Monday at the very earliest.
In a statement released yesterday (Wed) afternoon, a JLR spokesman said: ‘Since we became aware of the cyber incident, we have been working around the clock, alongside third-party cybersecurity specialists, to restart our global applications in a controlled and safe manner.
‘As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators.
‘Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted.
‘We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.’
Car Dealer reported last Monday that JLR’s UK dealers had been left unable to register cars on September new plate day as a result of ‘global IT issues’.
The following day, the firm confirmed it had fallen victim to a cyber attack, with multiple groups later claiming to be behind the hack.
The BBC reports that three English language speaking hacking groups known as Scattered Spider, Lapsus$ and ShinyHunters – who were previously behind attacks on Marks and Spencer – have claimed responsibility.
The broadcaster says that the gang bragged about the hack on instant messaging platform Telegram and shared screenshots purporting to be from the car manufacturer’s internal IT system.
The group is said to be trying to extort money from the car manufacturer but refused to confirm if they had managed to steal private data from JLR, in private messages with the BBC.
Another English-speaking hacker, who calls himself ‘Rey’ has also claimed to be behind the attack, according to the Financial Times.
Yesterday, the government said it was ‘keeping an open mind’ as ministers refused to rule out state involvement in the incident.
