News

JLR falls victim to cyber attack as IT issues grind dealerships and production sites to a halt

  • JLR confirms global IT issues are down to cyber attack
  • Firm says production and sales sites have been ‘severely disrupted’
  • Bosses ‘working at pace’ to restart operations

Time 7:15 am, September 3, 2025

The IT issue which caused chaos at JLR dealerships on Monday’s new plate day has now been confirmed as a cyber attack.

Car Dealer reported yesterday (Tues) that the firm’s UK dealer network had been left unable to register new cars on Monday due to ‘global IT issues’.

The issues then continued throughout yesterday’s trading, with JLR later releasing a statement confirming it had fallen victim to a cyber attack.

Advert

The Gaydon-based carmaker says its production and sales have been ‘severely disrupted’ following the ‘major’ attack on its IT systems.

The car manufacturer, owned by India’s Tata Motors, was eventually forced to shut down systems after becoming aware of issues affecting its global operations.

A spokesman said last night that the firm was ‘working at pace’ to restart its operations across its retail and production sites.

They added that there is currently ‘no evidence’ that any customer data has been stolen as a result of the breach.

However, the Liverpool Echo reports that workers at JLR’s Halewood plant were told early on Monday morning not to come into work due to the issue.

A spokesman for the car manufacturer said: ‘JLR has been impacted by a cyber incident.

‘We took immediate action to mitigate its impact by proactively shutting down our systems.

‘We are now working at pace to restart our global applications in a controlled manner.

‘At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted.’

JLR’s IT services have been provided through Tata Consultancy Services Ltd – a subsidiary of Tata Motors – since 2023.

In response to the news of the attack, experts said the incident showed the importance of using ‘more than just traditional defences’.

Kev Eley, vice president UKI at cyber security firm Exabeam, said: ‘The recent cyberattack on JLR, one of the UK’s most iconic and respected brands, highlights the rising and critical threat facing the country’s automotive and manufacturing sector.


‘What was once considered a risk for IT teams alone is now a direct threat to business continuity, operational resilience, and national supply chains.

 ‘This incident reveals a wider trend in attacker behaviour. Threat actors are no longer just seeking out financial gain, they’re increasingly exploiting operational dependencies and taking advantage of expansive attack surfaces.

‘Despite this, there is no current evidence any customer data has been stolen from the attack.

‘What’s clear is that swift incident response remains a critical factor in containing threats and protecting core operations.

Staying ahead of attackers requires more than just traditional defences. AI-powered detection, behavioural analytics, and automated response systems help organisations reduce downtime, protect data, and gain the edge over modern threats.’

Jack Williams's avatar

Jack joined the Car Dealer team in 2021 as a staff writer. He previously worked as a national newspaper journalist for BNPS Press Agency. He has provided news and motoring stories for a number of national publications including The Sun, The Times and The Daily Mirror.



More stories...

Advert
Server V2