Jaguar Land Rover U-turns to confirm 'some data' affected after cyber prang
- Reference: 1757520320
- News link: https://www.theregister.co.uk/2025/09/10/jaguar_land_rover_breach/
- Source link:
Cybercrooks ripped the wheels off at Jaguar Land Rover. Here's how not to get taken for a ride [1]READ MORE
The Tata-owned automaker [2]said on September 2 it had shut down its systems to mitigate the impact of the "incident" and claimed there was "no evidence" of data theft, although its retail and production activities have been severely dented.
Four days later, it [3]apologized for the continued disruption amid ongoing efforts to kickstart systems, thanking staff, customers, and suppliers for their patience. Retail partners were still open for business, it added.
However, in the latest update today, JLR confirmed that the situation was rather worse than initially estimated. A [4]spokesperson said in a statement : "As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators. Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted."
JLR did not identify the type of data affected. "We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses," the company said.
[5]
Along with third-party cybersecurity specialists who are combing through the wreckage, JLR says it is still "working around the clock… to restart our global applications in a controlled and safe manner."
[6]UK to ban ransomware payments by public sector organizations
[7]Hyundai: Want cyber-secure car locks? That'll be £49, please
[8]Ford 'actively investigating' after employee data allegedly parked on leak site
[9]Car dealer software slinger CDK Global said to have paid $25M ransom after cyberattack
Employees have been asked to remain at home since the attack was made public and are not expected to return until at least next Monday, according to some [10]reports .
Sources told us they were unable to service their JLR cars last week due to the systems being taken offline. One said it related to parts ordering and diagnostic services. "At over a grand for a swift oil change, it would be nice if they could keep their IT systems secure," the customer quipped.
[11]
Scattered Spider is suspected to be behind the digital heist, the same ransomware crew that caused mayhem for months at [12]Marks & Spencer , a UK retail chain that was [13]attacked in April . The criminals now appear to be [14]collaborating with ShinyHunters and Lapsus$ .
In addition to retailers, Scattered Spider has also turned its evil eye on [15]insurers and [16]airlines . ®
Get our [17]Tech Resources
[1] https://www.theregister.com/2025/09/10/jaguar_key_lessons/
[2] https://media.jaguarlandrover.com/news/2025/09/statement-cyber-incident
[3] https://media.jaguarlandrover.com/news/2025/09/statement-cyber-incident-0
[4] https://media.jaguarlandrover.com/news/2025/09/statement-cyber-incident-1
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aMH09iJGWw6Y8Cnqz50aSwAAAQE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[6] https://www.theregister.com/2025/07/22/uk_to_ban_ransomware_payments/
[7] https://www.theregister.com/2025/08/12/hyundai_want_secure_locks_on/
[8] https://www.theregister.com/2024/11/18/ford_actively_investigating_breach/
[9] https://www.theregister.com/2024/07/12/cdk_ransom_payout/
[10] https://news.sky.com/story/jaguar-land-rover-cyber-attack-some-data-affected-carmaker-reveals-13428135
[11] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aMH09iJGWw6Y8Cnqz50aSwAAAQE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[12] https://www.theregister.com/2025/08/11/ms_restores_click_collect_following/
[13] https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
[14] https://www.theregister.com/2025/08/12/scattered_spidershinyhunterslapsus_cybercrime_collab/
[15] https://www.theregister.com/2025/06/16/scattered_spider_targets_insurance_firms/
[16] https://www.theregister.com/2025/08/07/klm_air_france_latest_major/
[17] https://whitepapers.theregister.com/
Re: Pah computers
..and the real cosher Series 1 and 2 Landrovers all had galvanised steel mesh radiator grilles, held on by the two screws that also attached the front 'Landrover' badge. These were highly prized by the long-distance African Safari wallahs because the grille was easily detached and perfect for cooking steaks, chops, etc. on the evening campfire.
Series 3 didn't count because their front grilles were plastic and so useless for cooking.
FWIW my Landrover was a 4 cylinder petrol long wheelbase Series 2 station wagon with full length roofrack, so fully kosher, but we cooked on a petrol Primus because petrol was easily available everywhere that the Landrover could be driven to, and besides that avoided carrying cans of kerosene, which contaminates *everything*, or bottled gas, which wasn't always so easy to find along the Hippy Trail or in India and Nepal.
Re: Pah computers
I missed my calling to be a hippy by 20 years and it's now full of middle class wankers who can't find their arse with two hands, a map and a torch.
Still hopeful I can find myself a plot of land somewhere to become a hippy recluse for my retirement
Jagar?
Paul, are you taking the Mick? It's "Jagger"!
This is why I'm against cloud connected cars
This is why I det at all these car manufacturers and their data connected cars. With cars collecting location data, journeys, and many other data sets as well as the ability to remote unlock cars all it takes is a manufacturer hack and the car is as secure as a wet paper bag. Currently have a JLR car but told them to stick the account and reject the data collection. The manufacturers don't like this as creating an account is part of a JLR hand over and the dealer gets a black mark if they do not get the car signed up. This was confirmed to me by th dealer I ordered the car from during discussions about privacy and data collection.
JLR aren't the only ones with VAG being hacked and screeda of data taken detailing customers' journeys and other very personal data including those of German security forces private journeys and routines.
I'll never understand why folk are so quick to hand over access to be tracked and monitored by private companies and I'll never accept than any data collection from a car is justifiable.
Pah computers
In my day Land-Rovers were designed with a ruler and coffee mug - none of the fancy "French Curve" rubbish for Landie's styling