Jaguar Land Rover is feeling the heat
One of the United Kingdom’s major automakers was severely impacted by a cyberattack late last month, and the consequences are spreading across its supply chain well beyond its factories. As a result, production at its facilities has been halted for nearly three weeks, resulting in billions of dollars in lost revenue and a ripple effect that has caught suppliers looking to lay off workers to survive.
According to analysts cited by Automotive News Europe, the fallout from the cyberattack has caused JLR to lose more than £1 billion ($1.36 billion) in revenue. David Bailey, a professor at the Birmingham Business School, estimated that the massive loss translates to a profit hit of at least £70 million, which he notes would only grow the longer the automaker keeps its affected plants shut. “The company might be able to recover some of that, but the longer it goes on, the more permanent the hit,” he said.
Jaguar Land Rover
Due to the cyberattack, JLR shut down key UK plants at Halewood and Solihull, critical facilities that produce Land Rover vehicles, as well as its engine facility in Wolverhampton. In addition, production at factories in Slovakia, China, and India has also been suspended. Altogether, the automaker produces nearly 1,000 vehicles daily, but it hasn’t been able to do so with many of its 33,000 workers staying home.
The automaker says it is working with cybersecurity experts and the British Government Communications Headquarters (GCHQ, the British equivalent of the NSA) to safely bring its systems back online.
Getty Images
The cyberattack is causing a supply chain squeeze
Though JLR is actively working to resolve the matter, the automaker has extended its cyberattack-related production pause through September 24. Suppliers have been warned that it could stretch as far as November, which has sent them scrambling. Although this may not be a problem for some of JLR’s larger suppliers, Bailey noted that the effects will hit the smaller specialist firms up the automaker’s supply chain ladder much harder.
“There’s anywhere up to a quarter of a million people in the supply chain for Jaguar Land Rover,” Bailey told the BBC. “So if there’s a knock-on effect from this closure, we could see companies going under and jobs being lost”.
Said effects are already happening. According to the BBC, one smaller JLR supplier confirmed that it had laid off 40 people, nearly half of its workforce. At the same time, an employee at another major JLR supplier in the West Midlands told the British media that “hundreds” of its staff have been told to stay home and that they do not expect to be back at work until at least September 29.
Getty Images
Labor leaders and government officials recognize the effects
Both politicians and labor leaders recognize that a crisis is forming before their eyes. In a statement to the BBC, Business and Trade Minister Chris Bryant said that the government recognizes the “significant impact” of the cyberattack on JLR and its suppliers and that it has been in “daily contact” with the company and relevant experts to resolve the issue. Labor MP Liam Byrne, the chair of the Commons Business and Trade Committee, added that the British government needs to step in to help offset the downfall.
“What began in some online systems is now rippling through the supply chain, threatening a cashflow crunch that could turn a short-term shock into long-term harm”, he says. “We cannot afford to see a cornerstone of our advanced manufacturing base weakened by events beyond its control”.
In addition, British trade union Unite has pressed the government to introduce a furlough system that would remove the responsibility for subsidizing workers’ back pay from JLR and onto the British Government.
Twyford Moors Classic Cars Ltd
“Thousands of these workers in JLR’s supply chain now find their jobs are under an immediate threat because of the cyber attack,” Unite general secretary Sharon Graham said in a statement to the BBC. “Ministers need to act fast and introduce a furlough scheme to ensure that vital jobs and skills are not lost while JLR and its supply chain get back on track.”
Final thoughts
In a statement on the JLR website, the automaker said that it has been “working around the clock alongside third‑party cybersecurity specialists, to restart our global applications in a controlled and safe manner.” Nonetheless, the attack highlights how fragile automakers can be when software systems are compromised.
Since the initial report, a notorious hacker group called Scattered Lapsus$ Hunters has claimed responsibility, the same group that hit beloved British retailer Marks & Spencer this past May. Similar to the M&S breach, the group is believed to have exploited a vulnerability in SAP NetWeaver software, widely used across industries, to crash JLR’s operations.
That being said, the cyberattack couldn’t have come at a worse time, as JLR has been feeling the pinch from U.S. tariffs and slumping sales in China. If the suppliers of Britain’s largest automaker can’t survive this cyber crisis, restarting production might be harder than what’s already happening.
