The cyber attack on Jaguar Land Rover (JLR) has been estimated to cost the UK around £1.9bn, in what experts are calling the most economically damaging hack in British history.
Research from the Cyber Monitoring Centre (CMC), a non-profit group that tracks major cyber incidents, found that around 5,000 organisations across the country were affected by the fallout of the attack, which forced JLR to halt production for five weeks from 1 September.
The report also said JLR, owned by India’s Tata Motors, suffered the largest financial hit, with analysts predicting that more than half of the total cost will fall on the carmaker due to lost production, lower sales, and recovery expenses.
The carmaker only partially restarted UK operations earlier this month and is not expected to fully recover until January 2026.
CMC chair Ciaran Martin, the former head of the National Cyber Security Centre, described the breach as “by some distance, the single most financially damaging cyber event ever to hit the UK”.
He added: “That should make us all pause and think – and then, as the NCSC said so forcefully last week, it’s time to act”.
The UK government has already stepped in with a £1.5bn loan guarantee to ease pressure on JLR’s suppliers, many of whom warned they could collapse without trading resuming quickly.
‘A wake up call for every board’
Experts have said the JLR incident should be a turning point for how both businesses and public bodies handle cyber risk.
Simon Onyons, managing director in the Cyber and Data Resilience team at Kroll, said: “With a cost approaching nearly £2bn, this now stands as the single most economically damaging cyber incident the UK has ever seen – and it should serve as a wake-up call for every board and public body in the country.”
“This isn’t just a technical failure but an economic and operational resilience failure,” he added.
He pointed out that “cyber resilience must now be treated with the same level of priority as financial stability or regulatory compliance”, warning that attackers “are moving faster than traditional response plans can cope with”.
Jake Moore, global cybersecurity advisor at ESET, said the incident exposed deep vulnerabilities across supply chains: “The JLR cyberattack has shone a direct light on the critical need for better resilience planning across entire supply chains and not just within individual organisations.”
“The mega costly loss and widespread disruption shows how a single incident can ripple through interconnected systems far beyond the original target”.
ESET’s research suggests that cyber attacks now cost UK businesses around £64bn a year, as incidents become more frequent and more damaging.
Martin said that while most companies focus on protecting customer data due to legal obligations, the JLR case highlighted “the growing threat of attackers destroying the networks that keep businesses running”.
He also warned of an increasing “geopolitical vulnerability”, noting that disruptive attacks by criminals are now serving as a “playbook” for hostile nation states seeking to inflict economic harm.
According to the National Cyber Security Centre’s latest annual review, the UK suffered 204 nationally significant cyber incidents in the year to August 2025, which is more than double the 89 recorded the year before.