Jaguar Land Rover hack triggers £1.9 billion economic loss, UK’s worst cyber event yet: Report

The August cyberattack on Jaguar Land Rover (JLR), a subsidiary of Tata Motors, has been identified as the most economically damaging cyber incident in British history, costing the UK economy an estimated £1.9 billion ($2.55 billion) and affecting over 5,000 organisations, according to a new report by the Cyber Monitoring Centre (CMC).

The CMC — an independent, non-profit body comprising cybersecurity experts, including former officials from the UK’s National Cyber Security Centre (NCSC) — said the financial toll could rise further if the automaker’s production takes longer than expected to fully recover. The report, released on Wednesday, underscored that “the vast majority of the financial impact stemmed from lost manufacturing output at JLR and its suppliers.”

JLR, one of Britain’s largest car manufacturers, was forced to halt production for nearly six weeks following the breach, which disrupted its digital systems and supply chain operations. The company began restoring manufacturing earlier this month, with production gradually resuming across its three UK plants, which together produce around 1,000 vehicles per day.

Cyber experts at the CMC described the JLR breach as a Category 3 systemic event — the third-highest severity level on a five-point scale — citing its “substantial disruption” to JLR’s operations, multi-tier supply chain, and downstream dealers. A Category 5 event, by comparison, would represent the most severe form of national-scale cyber disruption.

“The incident appears to be the most economically damaging cyber event to hit the UK,” the CMC said, adding that around £1.5 billion of the loss was tied to lost output and delayed production. Analysts earlier estimated that JLR was losing nearly £50 million per week during the shutdown.

The British government stepped in late September with a £1.5 billion loan guarantee to help the automaker stabilize operations and support affected suppliers. Despite this assistance, the CMC warned that full recovery may take time, with normal production levels expected only by January 2026.

Ciaran Martin, Chair of the CMC’s technical committee and founding head of the NCSC, said the episode should serve as a wake-up call for industries across the country.
“With a cost of nearly £2 billion, this incident looks to be the single most financially damaging cyber event ever to hit the UK,” Martin said. “Every organisation must identify its critical networks, strengthen their defences, and prepare contingency plans for disruption.”

The report noted that JLR’s breach is part of a worrying pattern of large-scale cyberattacks on major British companies in 2025. Earlier this year, retailer Marks & Spencer suffered a two-month outage after a cyberattack, losing about £300 million ($400 million) due to suspended online operations.

The JLR incident underscores the growing systemic risks of cybercrime in industrial sectors, where interconnected supply chains amplify economic fallout. As the CMC observed, the hack not only crippled JLR’s production but also disrupted thousands of component suppliers, logistics firms, and dealerships across the UK.

While JLR declined to comment on the CMC’s findings, it confirmed that production is being restored “in a phased approach.”

This marks the second public assessment by the CMC, which uses a mix of publicly available data, interviews, and industry input to estimate the financial cost of cyber events. Unlike the NCSC, which also tracks cyber severity levels but does not disclose them publicly, the CMC aims to quantify the broader economic consequences — a step experts say is critical for national preparedness in an era of escalating cyber threats.