5 hours ago
5
Production at Jaguar Land Rover (JLR) and dozens of its suppliers is to remain on hold for at least this week, with disruption from a crippling cyber-attack at the carmaker expected to last until October.
The UK’s biggest car manufacturer, owned by India’s Tata group, halted production at the sites after discovering hackers had infiltrated its systems a week ago.
Thousands of production workers at the UK’s biggest car manufacturing sites in Halewood on Merseyside, and Solihull and Wolverhampton in the West Midlands have already been told to stay away until Tuesday. They will continue to be paid as usual and “bank” their hours to be picked up later on.
JLR will update workers on Monday on plans for later in the week. It is thought likely that thousands will be kept on pause until at least Thursday and probably beyond at JLR’s own operations in the UK and in Slovakia, Brazil and India as well as at dozens of suppliers.
Evtec, WHS Plastics, SurTec and OPmobility, who employ more than 6,000 in the UK between them, are among the suppliers who have told their workforces to stay at home, according to a report in the Sunday Times.
There is speculation that operations at JLR will be disrupted for “most of September” or worse, the paper said.
A recent cyber-attack on Marks & Spencer stopped its online orders for more than six weeks, with wider disruption continuing beyond that point. Similar attacks on the Co-op and Harrods, which were detected more swiftly, had less of an impact.
Those attacks led to personal details for thousands of their customers being accessed. JLR is understood to have informed the Information Commissioner’s Office last week about the incident, flagging the risk of data being infiltrated, but there is no evidence of any such breach at this stage.
However, JLR is having to operate without dozens of digital systems, with access cut off to databases, including those for spare parts. Sources said car dealerships and garages were able to continue operating but with severe disruption as they turned to phone calls and manual systems – in some cases pen and paper – to register vehicles and secure spare parts.
A spokesperson for JLR said: “We continue to work around the clock to restart our global applications in a controlled and safe manner following the recent cyber incident. We are working with third-party cybersecurity specialists and alongside law enforcement.
“We want to thank all our customers, partners, suppliers and colleagues for their patience and support. We are very sorry for the disruption this incident has caused. Our retail partners remain open and we will continue to provide further updates.”
On Wednesday, a group of English-speaking hackers linked to the retail hacks claimed responsibility for the JLR attack. Screenshots were posted on a Telegram channel amalgamating the names of hacking groups known as Scattered Spider, Lapsus$ and ShinyHunters.
