12:05 pm, September 5, 2025
Personal data may have been stolen by cyber attackers who targeted JLR’s global IT systems earlier this week.
That is according to a report in The Times, which has revealed that the British carmaker has referred itself to the Information Commissioner’s Office (ICO).
Under UK law, firms must alert the ICO within 72 hours if there is a leak involving personal data. The body must be made aware if any names, addresses, phone numbers, bank account details or employee records fall into the hands of hackers.
JLR said on Tuesday that there was ‘no evidence any customer data has been stolen’ but the situation may have now changed, following the ICO referral.
An ICO spokesman confirmed: ‘Jaguar Land Rover has reported an incident and we are assessing the information provided.’
The Times report goes on to claim that the fallout of the cyber attack could take ‘weeks, if not months’ to resolve.
Meanwhile, staff have been told not to come to work until at least next Tuesday as the carmaker continue to grapple with the attack.
The British firm has hit the pause button at its Halewood and Solihull car building sites, as well as its engine manufacturing site in Wolverhampton.
Production workers have reportedly been told to work from home until September 9, although the situation remains under review.
As a result, customers are now expected to face significant delays when waiting for their cars to be delivered.
Car Dealer reported earlier this week that JLR’s UK dealers had been left unable to register cars on September new plate day as a result of ‘global IT issues’.
The following day, the firm confirmed it had fallen victim to a cyber attack, which is now said to have been carried out by the same group who previously targeted Marks and Spencer.
The BBC reports that three English language speaking hacking groups known as Scattered Spider, Lapsus$ and ShinyHunters, have claimed responsibility.
The broadcaster says that the gang bragged about the hack on instant messaging platform Telegram and shared screenshots purporting to be from the car manufacturer’s internal IT system.
The group is said to be trying to extort money from the car manufacturer but refused to confirm if they had managed to steal private data from JLR, in private messages with the BBC.
The hackers were also tight-lipped on whether they had been able to install malicious software on to the company’s network.
