Jaguar Land Rover (JLR) has been confirmed as the victim of one of the most expensive cyber attacks ever recorded, with experts estimating losses exceeding A$3.7 billion. The ransomware assault, which paralysed JLR’s production systems for more than a month, has been labelled the costliest cyber incident in British history, surpassing previous breaches at major retailers M&S and the Co-op.

According to the Cyber Monitoring Centre (CMC), a global non-profit that tracks and assesses cyber events, JLR likely lost between A$3 billion and A$3.9 billion, with the most probable figure sitting around A$3.6 billion. During the height of the disruption, analysts say the company was losing roughly A$95 million each week, leading the CMC to rate the event a “Category 3” on its five-tier impact scale – a major systemic threat.

Production was halted in early September following what JLR described as a “cyber incident” on August 31, 2025, forcing more than 30,000 workers at factories in Solihull, Halewood, Wolverhampton, and several overseas sites to stay home. The company’s internal IT systems were taken offline immediately to contain the breach, which crippled vehicle assembly operations and delayed global deliveries.

JLR CEO Adrian Mardell admitted it had been “a challenging quarter,” confirming that the firm’s wholesale volumes fell by nearly 25 per cent and retail sales dropped by 17 per cent during the shutdown period. “Since the start of September, we have worked with retailers to prioritise the delivery of our world-class vehicles to our clients,” Mardell said.

While JLR is expected to shoulder about half of the total losses, analysts warn the wider supply chain of smaller parts suppliers may have absorbed much of the remaining impact, with some at risk of collapse. The UK Government has offered a A$2.8 billion emergency loan, though JLR instead opted to launch its own cash-up-front program for suppliers in early October to keep production materials flowing.

Security researchers say the incident underscores the vulnerability of modern manufacturing. “A single IT breach can bring an entire billion-dollar production line to a standstill,” said Dray Agha, Senior Security Manager at Huntress. Experts are now urging major automakers to bolster “network segmentation” – isolating factory systems from wider business networks – to prevent a repeat of such devastating single points of failure.

After six weeks offline, JLR began a phased production restart on October 8, but cybersecurity analysts warn the brand could face lingering financial and reputational fallout well into 2026.