Jaguar Land Rover (JLR), the iconic British automaker and a subsidiary of Tata Motors, has found itself at the heart of a crisis that’s rippling across the UK’s manufacturing sector. Since September 1, 2025, the company has been forced to halt production at its factories in Solihull, Castle Bromwich, Halewood, Wolverhampton, and even at overseas plants in China, Slovakia, and India, following a devastating cyber attack. The fallout has not just crippled JLR’s operations, but also endangered the livelihoods of thousands in its vast supply chain, prompting urgent calls for government intervention.
The cyber attack, which began on August 31, 2025, was claimed by a group known as Scattered LAPSUS$ Hunters—a collective reportedly composed mainly of teenagers. According to BBC and Fortune India, this group has been linked to previous breaches at major British retailers like Marks and Spencer, Co-op, and Harrods. Investigators believe the hackers exploited a flaw in SAP software to launch a ransomware attack, forcing JLR to shut down its IT networks in a bid to prevent further damage. This defensive move, however, also brought the company’s heavily automated assembly lines and supply systems to a grinding halt.
Under normal circumstances, JLR produces more than 1,000 vehicles every day. But since the attack, not a single car has rolled off its production lines. The impact is staggering: JLR is reportedly losing between £5 million and £10 million per day, with total losses estimated at £50 million to £100 million as of mid-September. The shutdown, which JLR now says will last until at least September 24, 2025, comes at a particularly vulnerable time for the automaker. The company had already reported a 49% drop in pre-tax profits to £351 million in the three months ending June 2025, citing declining sales in China and Europe and the effects of US tariffs.
The pain, however, is not confined to JLR alone. As Reuters and BBC report, the company’s supply chain supports 104,000 jobs across the UK. Many of these are at small and medium-sized firms that depend almost entirely on JLR as their main customer. The sudden production halt has left these suppliers in a precarious position, with some already resorting to layoffs. One unnamed supplier told Carscoops it had been forced to lay off 40 people—nearly half of its workforce. Andy Palmer, former boss of Aston Martin, warned bluntly, “Some of them will go bust. I would not be at all surprised to see bankruptcies. You hold back in the first week or so of a shutdown. You bear those losses. But then, you go into the second week, more information becomes available—then you cut hard. So layoffs are either already happening, or are being planned.”
City MPs and union leaders have responded with mounting alarm. MP Ayoub Khan, after meeting with affected Birmingham suppliers, described their situation as “perilous.” He explained, “These people are a skilled workforce, they have mortgages, they've got to put food on the family table, they've got bills to pay and an additional fear is that they are not going to be able to sit around waiting for their job to restart, they may have to go elsewhere. That means JLR could be impacted when it does get back up to speed because the supply chain will be broken.”
Khan and Labour MP Liam Byrne, chair of the Commons Business and Trade Committee, have urged the government to introduce a furlough-style scheme to support suppliers and prevent a domino effect of mass layoffs and insolvencies. Byrne called the cyber attack a “digital siege” and warned, “We fear if the government doesn't step up soon, people will be laid off in their thousands.” He added, “What began in some online systems is now rippling through the supply chain, threatening a cashflow crunch that could turn a short-term shock into long-term harm. We cannot afford to see a cornerstone of our advanced manufacturing base weakened by events beyond its control.”
The Unite union has echoed these calls, reporting that supply chain workers are already being laid off with reduced or no pay, and some have been advised to apply for universal credit. Unite’s general secretary, Sharon Graham, stated, “Thousands of these workers in JLR’s supply chain now find their jobs are under an immediate threat because of the cyber attack. Ministers need to act fast and introduce a furlough scheme to ensure that vital jobs and skills are not lost while JLR and its supply chain get back on track.” The union pointed out that the severity of the delays means the usual banked hours agreements used in manufacturing shutdowns are inadequate in this crisis.
West Midlands Mayor Richard Parker has tried to reassure the public, noting that he is in talks with the business secretary, the chancellor, JLR, and unions to understand the issues and develop support for affected businesses. “We have good understanding of the issues which need to be resolved,” Parker said, adding that the government and company are “collating and collecting” the impact of the shutdown on businesses across the supply chain to develop “best approaches about intervening to help them over the next few weeks and months.”
The disruption has also exposed vulnerabilities in the automotive sector’s “just in time” model, which minimizes inventory but leaves suppliers acutely exposed to sudden halts in production. Without stockpiles of parts, suppliers are forced to match production to demand on a daily basis. When that demand vanishes overnight, as it did on September 1, the effects are immediate and severe.
JLR’s response has included working with third-party cybersecurity specialists and law enforcement to investigate the incident and plan a controlled restart of global operations. On September 10, the company revealed that some data had been affected by the breach, promising to contact anyone impacted as appropriate. While JLR has denied rumors that the shutdown could last until November, the ongoing uncertainty is fueling anxiety throughout the industry.
The hacking group Scattered LAPSUS$ Hunters, for their part, announced on September 12 that they were shutting down operations. In a message posted on Telegram and breachforums, they declared, “Our objectives having been fulfilled, it is now time to say goodbye.” Whether this marks the end of their activities or merely a pause remains to be seen, but for JLR and its suppliers, the consequences are all too real and immediate.
As the days tick by and the losses mount, the pressure on the UK government to step in grows. With so many jobs and the future of a key manufacturing sector at stake, the coming weeks will be critical in determining whether JLR and its supply chain can weather this unprecedented digital storm—or whether the aftershocks will be felt for years to come.
