The cyberattack on Jaguar Land Rover (JLR) in late August 2025 caused a dramatic drop in UK car production by over 25% in September, marking the lowest output for that month since 1952. The attack, which led to a full production halt at JLR’s factories in Solihull, Wolverhampton, and Halewood, forced the automaker to pause all vehicle assembly worldwide for about five weeks. This unprecedented interruption impacted not only JLR but also its extensive supply chain, disrupting thousands of jobs and causing significant financial losses amounting to £1.9 billion, the costliest cyber event in UK history.​

The Society of Motor Manufacturers and Traders (SMMT) reported that UK car production dropped 27.1% in September 2025, with only about 51,090 cars produced, compared to 70,039 in September 2024. When commercial vehicles like vans are included, the overall vehicle production fall was even steeper, at 35.9%. This decrease was mainly due to the JLR cyberattack, as other manufacturers such as Nissan and Toyota reported stable or growing production levels. JLR is the UK’s second-largest car manufacturer, so its shutdown heavily influenced national statistics. Nearly half of the produced vehicles last month were electrified models, reflecting a continued industry trend towards green technologies despite the overall fall.​

The cyberattack reverberated through JLR’s supply network, affecting around 5,000 suppliers. Several suppliers faced layoffs, with workers urged to seek government assistance. The halt at JLR’s production plants meant many parts manufacturers temporarily lost business, threatening smaller companies in the supply chain with bankruptcy. This ripple effect highlighted the vulnerability of interconnected manufacturing systems to cyber disruptions.​

Investigations revealed that the attack started with social engineering techniques, where hackers used phishing and voice phishing (vishing) to trick JLR employees into sharing login credentials. This allowed attackers to access JLR’s IT systems without needing to exploit technical vulnerabilities directly.

The breach compromised some customer data and forced JLR to suspend production until a forensic investigation could assure system security. The financial loss is estimated at around £50 million per week during the shutdown, reflecting the high operational cost of such cyber incidents.​

This cyberattack illustrates how modern manufacturing industries depend deeply on complex, digitized supply chains and IT systems, making them vulnerable to cyber threats. It also highlights the significant economic impact such attacks can cause beyond the target company, affecting thousands of jobs and suppliers. In responding, JLR initiated a phased restart of its production lines in early October and introduced financial aid schemes to help its suppliers recover.

While cyberattacks on large companies are not new, the scale of disruption here is unprecedented in the UK automotive sector. It underscores the need for robust cybersecurity defenses and supply chain resilience within the manufacturing industry. At a broader level, the event serves as a wake-up call for many industries about the hidden dangers of digital dependencies, encouraging increased investment in cybersecurity and disaster recovery planning to protect jobs and the economy.​

In conclusion, the cyberattack on Jaguar Land Rover not only slashed UK car production by a quarter in September 2025 but also exposed significant vulnerabilities in the automotive sector’s digital infrastructure. The economic and social ripples continue to be felt, reminding industry players and policymakers of the critical importance of cybersecurity in protecting the backbone of manufacturing economies.

With inputs from agencies

Image Source: Multiple agencies

© Copyright 2025. All Rights Reserved. Powered by Vygr Media.