Jaguar Land Rover is racing to recover from a major cyber breach that has thrown its retail and production operations into chaos, forcing factory workers to stay home until at least next week.
The company, owned by India’s Tata Motors, first revealed the cyber incident on Tuesday and confirmed on Friday that the disruption has been “severe.” It’s the latest in a wave of ransomware-style attacks hitting global businesses, with UK giants like Marks & Spencer and Co-op also falling victim this year.
To limit the damage, JLR immediately shut down its systems. The carmaker stressed that, so far, there’s no evidence customer data has been stolen. “We are now working at pace to restart our global applications in a controlled manner,” the company said in a statement.
With three plants in the UK and around 33,000 employees, JLR is Britain’s largest carmaker. But production has been put on hold, and staff won’t return until at least Tuesday.
The financial toll could be steep. Marks & Spencer, which suffered a similar high-profile breach earlier this year, estimated it lost about £300 million ($405 million) in operating profit after months of disruption.
The timing couldn’t be worse for JLR. The company is already facing a tough year, reporting an 11% quarterly sales drop in July. Part of the slump came from a temporary halt in U.S. shipments after Donald Trump’s administration slapped tariffs on imported cars. Though exports resumed in May, JLR has since cut its 2026 profit margin target to just 5–7%, down from 10%, citing uncertainty over U.S. trade policy.
On top of that, sluggish demand in China and slowing sales in Europe continue to weigh heavily on the luxury automaker.
