Jaguar Land Rover has disclosed the financial impact of the major cyberattack that brought its factories to a standstill in early September — and the figures make clear just how hard the UK’s biggest carmaker was hit.
In financial results published for the quarter ending September 30, JLR said the incident cost the company £196 million ($220 million) in direct cyber-related expenses. However, the disruption was even more severe: weeks of halted production, lost sales, and supply-chain chaos pushed the automaker from a £398 million profit last year to a £485 million loss this quarter.
A Six-Week Shutdown That Shook The Industry
The attack, announced on September 2, 2025, forced JLR to shut down production across major UK plants and send staff home. The UK’s largest automaker halted operations at all major sites on September 1 after hackers breached its systems. On September 2, the company issued a short statement confirming that certain systems had been taken offline as a precaution. Days later, the company confirmed that data had been stolen.
A Telegram group calling itself Scattered Lapsus$ Hunters claimed responsibility, posting screenshots of what appeared to be JLR’s internal systems. Cybersecurity researchers at Cyfirma linked the incident to a collective blending of elements of the Scattered Spider, Lapsus$, and ShinyHunters groups.
The shutdown continued for nearly six weeks, severely disrupting JLR’s supply chain. Some suppliers warned they faced collapse without fast financial support. On September 28, 2025, the UK government announced that it would provide JLR with a £1.5 billion loan guarantee to bolster the company’s cash reserves and support its supply chain, which had been greatly impacted by the shutdown.
Production began restarting in phases on October 8, with the company now reporting that operations are “pretty much back running as normal,” which included factories Solihull and Halewood.
A Blow To The UK Economy
The fallout didn’t stop at JLR’s gates. The Cyber Monitoring Centre estimated the wider economic damage at up to £1.9 billion, contributing to the UK’s 0.1% GDP contraction in September. It called the attack a “Category 3 Systemic Event” — one of the most disruptive ratings on its scale.
“Loss before tax and exceptional items was £(485)m for Q2 and £(134)m for H1, down from a profit of £398m and £1.1bn respectively a year ago,” said the company in a statement issued on Friday.
“EBIT margin was (8.6)% for the second quarter, down from 5.1% a year ago, and (1.4)% for H1, down from 7.1% in H1 last year. This decrease in profitability is largely due to the cyber incident, the continuing impact of US tariffs, reduced volumes as referenced above and increased VME.”
Additionally, revenue fell 24% year over year to £4.9 billion, while half-year results also suffered, with a £134 million loss compared to £1.1 billion in profit a year earlier.
Rapid Recovery And Continued Investment
JLR says operations have now “stabilized,” with wholesale systems, parts logistics, and supplier financing fully restored. The company highlighted that despite the crisis, it has not scaled back its long-term investment commitments. Spending of £18 billion remains planned between FY24 and FY29, much of it focused on electrification and next-generation vehicle platforms.
“JLR has made strong progress in recovering its operations safely and at pace following the cyber incident. In our response, we prioritised client, retailer and supplier systems, and I am pleased to confirm that production of all our luxury brands has resumed,” JLR CEO Adrian Mardell said in a statement.
Investigations into the attack remain ongoing, with multiple law enforcement agencies across several jurisdictions involved. JLR and the National Cyber Security Centre have not publicly disclosed who they believe is responsible for the attack.
