Jaguar Land Rover (JLR) has been forced to shut down production and IT systems after a cyber attack crippled its operations, disrupting manufacturing, deliveries and new car registrations.
The company confirmed the incident on Monday, describing it as a “cyber incident” that required the immediate shutdown of systems across its global network. The timing could hardly have been worse for JLR, coinciding with the launch of the UK’s new 75 plate registrations.
Staff at the Halewood plant near Liverpool — where the Range Rover Evoque and Land Rover Discovery Sport are built — were told to go home yesterday. Local reports suggest the factory remains closed, with no clear timeline for a restart.
The disruption has not only affected production lines but also systems used by dealers to register new cars with the UK government, causing further delays at the start of the new registration season. Industry publication Autocar reported that dealers had been given no estimate for when systems would be restored.
In a statement, JLR said: “JLR has been impacted by a cyber incident. We took immediate action to mitigate its impact by proactively shutting down our systems. We are now working at pace to restart our global applications in a controlled manner. At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted.”
The Liverpool Echo reported that the incident was first detected at 4.30am on Monday, with systems offline since. Staff were told their hours would be banked in line with company agreements until production resumes.
Parent company Tata Motors disclosed the issue in a filing to the Indian stock exchange, calling it an “IT security incident” but offering no further details. “We are working at pace to resolve global IT issues impacting our business,” it said.
The attack adds to a string of cyber incidents targeting UK companies this year. Marks & Spencer, the Co-op and Harrods were all hit earlier in 2025, forcing store closures and website outages. Police confirmed that one woman and three teenagers were arrested in July in connection with the attacks.
The disruption comes at a sensitive time for JLR, which is preparing to wind down production of petrol and diesel Jaguars as it pivots towards electric vehicles. The company is also facing international trade pressures, after the U.S. imposed tariffs of 27.5% on UK-built cars earlier this year — later reduced to 10% on the first 100,000 vehicles exported annually.
Adding to the upheaval, JLR last month appointed PB Balaji, Tata Motors’ chief financial officer, as its new boss following the departure of CEO Adrian Mardell.
The company recently reported its quarterly profits had almost halved, compounding investor concerns. Its divisive rebrand, intended to modernise the Jaguar marque, has also attracted criticism for “erasing” elements of the brand’s century-old heritage.
With production lines idled, systems offline, and no clear date for recovery, the cyber attack represents yet another hurdle for Britain’s largest carmaker as it attempts to navigate tariffs, electrification, and a major leadership transition.
Read more:
Jaguar Land Rover hit by major cyber attack as production halts at UK plant