The August cyberattack that halted Jaguar Land Rover (JLR) productions for over a month is estimated to have cost the British economy £1.9 billion ($2.5 billion), making it the most economically damaging cyber event in UK history.
According to the Cyber Monitoring Centre (CMC), an independent analyst firm that examines the financial impact of cyber incidents, the total cost reflected JLR’s own production losses, as well as those suffered by its manufacturing supply chain and downstream organizations, such as car dealerships.
In total, says the CMC, an estimated 5,000 businesses have been affected by the incident, and it will take until January 2026 to reach a full recovery. However, JLR itself will shoulder more than half the cost of the attack, including the cost of recovery.
Ciaran Martin, Chair of the CMC’s Technical Committee, said the attack was “by some distance, the single most financially damaging cyber event ever to hit the UK.”
As a result, the CMC has classified the attack as a Category 3 event (with Category 5 being the most severe).
“That should make us all pause and think,” Martin said. “Every organisation needs to identify the networks that matter to them, and how to protect them better, and then plan for how they’d cope if the network gets disrupted.”
Will Mayes, the CMC’s Chief Executive, said that the attack highlights the importance of addressing supply chain risk.
“What this incident demonstrates is how a cyber attack on a single major manufacturer can cascade through thousands of businesses, disrupting suppliers, transport, and local economies, and triggering billions in losses across the UK economy.”
A Record-Breaking Attack
The attack itself began in late August and forced JLR to halt production in the UK, China, Slovakia, India, and Brazil. In addition to this disruption, suppliers and dealerships reportedly had to deal with cancelled orders and delayed payments and were unable to complete customer transactions.
While JLR has not disclosed the nature of the attack itself, nor the name of the adversary behind it, the Scattered Spider ransomware group claimed responsibility for the incident back in September. However, this has not be confirmed.
Scattered Spider had also claimed the attacks on Harrods, M&S, and Co-Op earlier this year, all of which were classified by the CMC as Category 2 events.
JLR resumed operations in early October, after almost five weeks of disruption, announcing a “controlled, phased restart.” To enable the auto giant’s recovery, the UK government offered a £1.5bn ($2bn) loan to support JLR’s suppliers and protect jobs across the UK.
The incident reportedly marked the first time in UK history that a company has received government support following a cyberattack.
