Jaguar Land Rover (JLR) has extended its production shutdown until at least 1 October, after the cyber attack that crippled its IT systems left the UK’s biggest automaker unable to restart operations.
The pause, which started on 31 August, has already cost the car behemoth hundreds of millions of pounds in lost output, and threatens to ripple through a supply chain that employs over 200,000 people.
Over 33,000 staff work directly for JLR at plants in Solihull, Halewood and Wolverhampton.
A JLR spokesperson said on Tuesday: “We have made this decision to give clarity for the coming week as we build the timelined for the phased restart of our operations and continue our investigation. Our teams continue to work around the clock alongside cybersecurity specialists, the NCSC and law enforcement to ensure we restart in a safe and secure manner”.
“Our focus remains on supporting our customers, suppliers, colleagues and our retailers who remain open”.
Supply chain fears
The decision has intensified concerns among suppliers, who rely on JLR’s ‘just in time’ production schedules and have been forced to halt operations.
Around a quarter of firms supplying parts to JLR have already paused work or laid off staff, according to the industry bod the Society of Motor Manufacturers and Traders (SMMT).
Mike Hawes, SMMT chief executive, said: “Whatever happens to JLR will reverberate through the supply chain. Some suppliers, maybe up to a quarter, have already had to lay off people”.
“There will be another further 20 to 25 per centconsidering that in the next few weeks”, he added.
The losses are mounting, with professor David Bailey from the University of Birmingham estimating profits have already taken a £120m hit, with total revenue losses running at around £1.7bn.
Unions have urged ministers to consider a furlough-style scheme to protect supplier jobs.
But with JLR reporting profits of £2.2bn last year, the company is also expected to shoulder more of the burden itself.
Rising cyber threats
The cyber attack has also raised questions about the vulnerability of UK industry.
JLR outsourced its IT systems to Tata Consultancy Services last year, part of owner Tata Group’s effort to streamline operations.
Experts believe the incident bears the hallmarks of a ransomware attack, similar to those that have hit Marks & Spencer and the Co-op.
Chancellor Rachel Reeves suggested this week that hostile states could be behind the wave of cyber incidents hitting UK businesses, warning that both government and industry needed to ‘step up’ preparedness.
Spencer Starkey, Executive Vice President for EMEA at cybersecurity company SonicWall, said: “This was a significant and disruptive cyberattack. We have seen at SonicWall that organisations were under critical attack for an average of 68 days in 2024, highlighting the potential for prolonged recovery periods.”
“Threat actors are now exploiting vulnerabilities within 48 hours of disclosure – far faster than most organisations can patch – highlighting a growing gap between threat velocity and enterprise readiness”.
Speculation is mounting that the shutdown could last into November, though JLR insists it is working at pace to restore its systems.
For now, skeleton crews at Solihull are limited to basic maintenance such as cleaning and repainting factory floors.