The cyber attack that halted production at Jaguar Land Rover has been estimated to have caused losses of around £1.9bn to the UK economy, according to the Cyber Monitoring Centre. The organisation described the attack as the most economically damaging cyber event ever recorded in the UK. The organisation classified the incident as a Category 3 systemic event on its five-point scale, indicating widespread economic impact. More than 5,000 UK organisations were affected, largely through the disruption of JLR’s manufacturing operations and supply chains.

JLR suffered the attack in late August 2025, forcing the company to shut down its internal IT systems and suspend production across its major UK plants in Solihull, Halewood and Wolverhampton. The shutdown halted global manufacturing for several weeks and caused significant disruption to dealerships and suppliers. Recovery efforts are underway, with the company implementing a phased restart of operations that is expected to continue into early 2026.

The CMC’s financial model assumes that JLR production was halted for about five weeks, with losses of roughly £108m per week in fixed costs and profit due to the suspension of vehicle manufacturing. It also estimates recovery and IT rebuild costs of between £50m and £150m, depending on whether the company’s operational technology was compromised. Suppliers were heavily impacted, with many facing cash flow problems and some resorting to loans to sustain operations. Dealerships also faced reduced vehicle supply, leading to lost sales margins, while local businesses near JLR plants were affected by reduced income among employees and contractors.

The modelled range of loss is between £1.6bn and £2.1bn, though this could rise if the company’s operational technology systems were significantly compromised or if recovery delays persist.

The CMC said its assessment does not include potential costs from any data breach or ransom payments, as there is no public evidence that ransom demands were made or that data losses have been a significant factor. The figure is based on modelling and available data as of mid-October rather than confirmed operational results.

The UK government has underwritten a £1.5bn loan guarantee to support JLR’s liquidity following the incident. The analysis assumes that the loan will not be drawn upon and that there will therefore be no cost to taxpayers. The intervention could still, however, set expectations for future government action in similar circumstances and recommended that thresholds for state support be clarified, along with definitions of what constitutes a critical economic sector.

It is understood that JLR was in the process of negotiating a cyber insurance policy through broker Lockton but had not finalised the arrangement before the attack occurred. As a result, JLR did not have cyber cover in place at the time of the incident, leaving the company to bear the full financial burden of the attack.


Image credit Jaguar Land Rover

---