The cyber attack on JLR has been rated as the most financially damaging cyber incident in the UK, with the Cyber Monitoring Centre (CMC) estimating the UK wide impact at £1.9 billion.

According to the CMC’s analysis, the August 2025 attack caused severe disruption across JLR’s UK manufacturing operations and its multi-tier supply chain, halting vehicle production for several weeks and triggering widespread losses for suppliers and dealerships.

The event, which affected over 5,000 UK organisations, was given a Category 3 rating on the CMC’s five-point scale.

This category denotes an incident with losses between £1 billion and £5 billion and significant financial effects on more than 2,700 organisations.

The CMC noted that the JLR incident was concentrated on a single organisation, with systemic impacts emerging through supply chain and economic dependencies rather than simultaneous compromise.

Production shutdown and financial fallout

The cyber attack forced JLR to shut down IT systems across its global operations, halting production at key UK plants in Solihull, Halewood and Wolverhampton.

The CMC estimates that the disruption to manufacturing alone accounted for the majority of the financial loss.

JLR’s production was suspended for around five weeks, with an estimated 5,000 vehicles lost per week – equating to £108 million in fixed costs and lost profits weekly.

The CMC model assumes a phased recovery through to early January 2026, as JLR works to fully restore systems and supply chains.

While some production resumed in early October, recovery is expected to be "slow and complex".

The analysis also allows for a brief period of overproduction next year as the company seeks to rebuild output.

Supply chain strain and dealer network disruption

Thousands of suppliers across the UK automotive network were affected, facing cancelled or delayed orders and cash flow pressure.

The report highlights that some suppliers took out personally backed loans to stay afloat, though JLR has been working to stabilise the situation by prepaying certain suppliers and clearing outstanding invoices.

 

ADVERTISING

 

 

Dealers also reported system outages that disrupted sales and servicing operations. Despite extended delivery times, the CMC noted that brand loyalty among JLR customers has helped limit order cancellations.

Broader impact

The CMC estimates that the ripple effects extended to local businesses and logistics providers linked to JLR plants, with regional economies hit by lost wages and reduced activity.

The analysis excludes any financial losses related to data breaches or ransom payments, noting that no credible information has emerged to suggest a ransom demand was made or paid.

The CMC’s Technical Committee urged businesses, insurers and Government bodies to recognise that operational disruption now represents the greatest cyber risk facing UK industries.

The report stated: “Operational disruption has generated virtually all of the financial loss.

“The cost dwarfs any previous known data breach."

The CMC also called for stronger IT and operational technology (OT) resilience, closer mapping of supply chain dependencies, and improved access to cyber insurance for manufacturers and suppliers.

The report noted that while the UK government has underwritten a £1.5 billion loan guarantee to support JLR’s liquidity, none of this support has yet been used.

The CMC recommends that government should begin defining future support parameters for similar large-scale incidents.

Cybercrime under the spotlight at Automotive Management Live

Ben Donaldson, director at cyber security specialist RepGuard, will share how businesses can better engage their people to reduce cybercrime risk as part of a special strategy session at Automotive Management Live - sponsored by Tekion.

Donaldson has worked to lead cyber security engagement at a well known UK food retail giant and has also worked in positions at Dyson and the Ministry of Defence.

The leading event of the UK’s automotive retail industry is back at the NEC, Birmingham on November 12 and is free to attend for franchised and independent dealer professionals.

Donaldson’s session will challenge the idea that traditional compliance training is enough, showing why simply ticking boxes on phishing tests and awareness modules does not change behavior.

Louise Sadler, senior manager in BDO’s privacy and data protection team and Kaspar Euvrard, director at BDO will share their expertise on how automotive retailers can strengthen their resilience against cyber threats.

Teza Mukkavilli, chief information officer & information security officer at Tekion, will also share his views as part of an interactive Q&A.