The UK’s largest carmaker has posted major Q2 losses following a September ransomware attack which knocked out production for several weeks.
Jaguar Land Rover (JLR), which is owned by India’s Tata Motors, revealed in financial results on Friday that revenue for the three months to September 30 2025 was £4.9bn ($6.5bn), down 24% year on year (YoY).
Total losses for the quarter reached £485m ($639m), down from a profit of £398m ($524m) a year ago, although these figures were also impacted by US tariffs and a planned winding down of legacy Jaguar models, ahead of the launch of a new vehicle, JLR said.
However, the firm said that the attack itself had cost the business £196m ($258m) in “cyber-related costs.”
JLR didn’t provide a more detailed breakdown of these costs, although they typically include payments to third-party incident response/forensics suppliers and IT overtime, as well as breach notification, legal costs, crisis communications and regulatory outreach, among other things.
Read more on JLR cyber-attack: Cyber-Attack Contributes to Huge Sales Drop at JLR
The Scattered Lapsus$ Hunters collective claimed responsibility for the breach. The group’s members have also been linked to major ransomware attacks on M&S and the Co-op Group, which are thought to have begun with a vishing call to the IT helpdesk requesting a password reset.
The Most Expensive Attack in UK History
The resulting outage halted production at JLR’s three UK plants for weeks, impacting not just the carmaker but its extensive supply chain.
In October, non-profit the Cyber Monitoring Centre (CMC) estimated that the JLR incident was the most economically damaging cyber event to hit the UK, claiming it had a financial impact of £1.9bn ($2.6bn) and affected more than 5000 UK organizations.
The “vast majority” of this impact was due to the loss of manufacturing output, it said.
In the end, JLR set up a new loan-backed financing scheme allowing it to ease the cashflow problems facing suppliers, although the government also agreed to guarantee loans of up to £1.5bn.
“JLR has made strong progress in recovering its operations safely and at pace following the cyber incident,” said CEO Adrian Mardell.
“In our response we prioritized client, retailer and supplier systems, and I am pleased to confirm that production of all our luxury brands has resumed.”
Image credit: dvoevnore / Shutterstock.com
