Jaguar Land Rover (JLR), the iconic British automaker, has found itself at the center of a storm after a devastating cyberattack brought its global production to a grinding halt in late August 2025. The fallout from this incident has rippled across continents, affecting not only the company’s bottom line but also its vast network of suppliers, dealers, and customers. As the dust begins to settle, the true scale of the disruption is coming into focus—and it’s nothing short of staggering.
According to figures reported by Autocar, the cyberattack forced widespread shutdowns of JLR’s manufacturing sites, leading to a 24% drop in sales to dealers for the three months ending September 30, 2025. That equates to just 66,165 vehicles sold to dealers, a loss of over 21,000 units compared to the same period last year. With an average sale price of £72,000 per vehicle, the company estimates a jaw-dropping £1.52 billion shortfall in revenue for the quarter.
“It has been a challenging quarter for JLR,” admitted outgoing CEO Adrian Mardell. He noted that sales in July and August had been “in line with expectations” before the cyber incident threw the company’s operations into chaos. The disruption didn’t just hit the company’s books—it also left customers in limbo, with many, like Los Angeles resident Navarro Jordan, facing indefinite delays and a frustrating lack of information.
Jordan ordered his Land Rover Defender in August, receiving confirmation on August 15 that it was assembled and ready to ship. But then, the updates stopped. “It wasn’t until a week ago that my dealer finally admitted they didn’t even know where my car is,” Jordan told Bloomberg. “I’ve just been left in the dark.” His experience is emblematic of thousands of customers worldwide caught in the crossfire of JLR’s manufacturing and supply chain woes.
The impact has been particularly acute in the UK, where retail sales plunged 32% in the same quarter. Part of this steep decline can be traced to Jaguar’s decision to pause sales entirely in September as it prepares for a transition to an all-electric luxury brand. Meanwhile, in China—a critical market for JLR—sales fell 22% as the company prepares to replace its locally built lineup with a new Chery-based Freelander. The ripple effects have been felt in other regions as well, with factories in China, India, and Slovakia all affected by the shutdowns.
JLR’s sprawling supply chain has also taken a major hit. According to Carscoops, around 200,000 workers are tied to JLR’s supply network, and many of them work exclusively for the automaker. One key supplier, Evtec Group, which employs 1,250 staff, has been at a standstill for weeks, with employees sent home on just 80% of their normal pay. The British government even stepped in with a $2 billion (£1.5 billion) loan guarantee to help prop up suppliers reeling from the sudden loss of business.
The financial hemorrhaging from the cyberattack has been relentless. Estimates suggest the attack has cost JLR up to £50 million ($67 million) every single week in lost production. Before the attack, the company was producing roughly 1,000 vehicles per day—a pace that ground to a halt as the company worked to contain the breach and restore its systems.
The group behind the attack, known as Scattered Lapsus$ Hunters, reportedly claimed responsibility and even taunted UK security agencies, including MI6, the National Cyber Security Center, and Britain’s National Crime Agency. While details about the nature of the breach remain closely guarded, the scale and sophistication of the attack have raised fresh concerns about the vulnerability of even the most established global manufacturers to cyber threats.
For JLR, the road to recovery is proving to be long and uncertain. The company has announced plans to restart engine production at its Wolverhampton plant on October 8, 2025, with assembly at its Solihull and Slovakia factories to follow “shortly.” However, according to the BBC, the restart will be phased, and it could take several weeks before all operations return to full capacity. JLR has already experienced several false starts in its efforts to bring factories back online, making it reluctant to commit to firm deadlines.
The upcoming second-quarter financial report, due in November, is expected to lay bare the full extent of the damage. Beyond the direct fallout from the cyberattack, JLR is also grappling with higher US import tariffs—now at 10%—and a weaker dollar, both of which have increased export costs and squeezed margins. Despite these headwinds, the company sees a silver lining: with fewer vehicles available, it can scale back discounting, helping to preserve margins as output slowly rebuilds throughout the final quarter of the year.
For suppliers and workers, however, the outlook remains fraught. The standstill at Evtec Group and other suppliers has left many employees in financial limbo, unsure of when—or if—normal operations will resume. With JLR’s restart happening in phases and global production still far from pre-attack levels, the recovery across the supply chain is expected to be slow and uneven.
For customers like Navarro Jordan, the experience has been a lesson in frustration and uncertainty. The lack of communication from dealers and the company has only compounded the anxiety of waiting for a long-anticipated vehicle. “Every couple of weeks, I’ve been calling, asking my dealer the same question: ‘What’s going on?’” Jordan said. “September passed with no clear answers.”
As JLR works to restore its operations and rebuild trust with customers and partners, the incident stands as a stark reminder of the growing threat posed by cyberattacks in the automotive industry. With hackers targeting not just financial institutions but also manufacturers and their supply chains, the risks are mounting—and the costs can be astronomical.
Looking ahead, JLR faces a delicate balancing act: ramping up production without overextending itself, supporting its suppliers and workforce, and navigating a shifting global trade landscape. The company’s transition to electric vehicles, ongoing in the background, adds another layer of complexity to an already daunting recovery effort.
In the wake of the cyberattack, the resilience of JLR—and the broader automotive sector—will be tested as never before. For now, the company and its stakeholders are focused on one goal: getting back on the road, one cautious step at a time.
