Jaguar Land Rover Hit by Major Cyberattack Disrupting Global Production, Retail

Jaguar Land Rover (JLR), Britain's largest carmaker, has been severely disrupted by a major cyberattack that forced it to shut down production and retail systems globally. The attack, attributed to the HELLCAT ransomware group and another threat actor called APTS, compromised internal systems and leaked approximately 350 gigabytes of sensitive proprietary data, though JLR confirmed no customer data was stolen. The breach exploited outdated Jira credentials stolen years earlier, highlighting critical cybersecurity oversights. The incident coincided with one of the busiest periods in the automotive calendar, preventing dealerships from registering new '75' plate models and significantly disrupting operations at key plants, including the Halewood site where workers were sent home. JLR is working to restore its systems in a controlled manner amid ongoing investigations and broader UK retail sector cyber threats. This attack adds to a summer marked by high-profile cyber incidents affecting major UK retailers and emphasizes the growing cybersecurity risks in the software-driven automotive industry.