Jaguar Land Rover is working with cybersecurity specialists and the police following a targeted cyber hack which has shut down production until at least Tuesday.
The British brand has been rebuilding its internal IT systems since they were breached on Monday, which also caused dealer sales, handovers and parts ordering to stop.
Autocar understands dealers are now manually registering cars while the systems remain down. Meanwhile, the majority of workers at JLR’s production sites in the West Mldlands and Merseyside have been told not to return to work until 9 September.
JLR told Autocar in a statement on Saturday that “our retail partners remain open”, adding: “We continue to work around the clock to restart our global applications in a controlled and safe manner following the recent cyber incident. We are working with third-party cybersecurity specialists and alongside law enforcement.
JLR hack: what happened?
On Monday, hackers claimed to have exploited a flaw in the British car maker’s IT system.
In an effort to combat the hack, JLR said it began “shutting down our systems” on Tuesday and is still in the process of rebuilding them. JLR was unable to confirm a timescale for the fix.
Autocar understands that this caused production to stop at the Halewood technology site as well as the Solihull plant, where the Range Rover and Range Rover Sport are built. JLR wouldn’t comment on the claims.
The Liverpool Echo reported that a notice sent to Halewood workers on 4 September told staff to stay away, with a plan to "attend work as normal on Tuesday September 9 unless informed otherwise".
The issues are also affecting dealers, who are unable to order parts, can't code parts they do have to cars, and are unable – in some instances – to complete customer handovers.
In addition, they are having to manually register vehicles. This involves phoning the DVLA in each instance.
Autocar first reported the issues affecting JLR on 1 September, when dealers couldn't register new cars on 'new plate day' , traditionally one of the year's busiest for registrations.
JLR's public-facing website appears to be fully operational, including the car configurator.
Who has claimed responsibility?
On 3 September, Scattered Spider – the group that hacked Marks & Spencer in May, causing seven weeks of disruption and costing £300 million in lost operating profit – claimed responsibility for the attack on JLR.
Join the debate
Add your comment
Did someone very clever get very annoyed when this Indian company's car let them down, and the Indian company were not good at placating them?
Just a thought.
There's so much of it going on with large companies it's a joke. Maybe senior management need to consider their outsourcing partners and how diligently they manage their staff and those they contract out to.
I still can't believe that so much UK sensitive data and processing is performed and managed by offshore commpanies in nations that trade with countries like Russia!
Some wronguns stood outside their data centre with an aerial and some tin snips, bypassed the security system and stole all the data, broke it for parts and resold it all on eBay. Now Mardell will come out of retirement and angrily demand that the police and the taxpayer should pay to cover the additional security measures needed to stop happening again.