A cyberattack that shut down Jaguar Land Rover's operations since August 31 has been estimated to cost the UK £1.9 billion, marking it as the most economically damaging cyber event in the country's history. The incident disrupted production and affected over 5,000 British organisations. Partial production has recently restarted, but full recovery is not expected until January.
The cyberattack on Jaguar Land Rover (JLR), owned by India's Tata Motors, began on August 31, 2025, leading to a month-long shutdown of internal systems and vehicle production in the UK. According to an analysis by the non-profit Cyber Monitoring Centre (CMC), the incident has rippled across more than 5,000 British organisations, primarily through disruptions to JLR's supply chain.
"This incident looks to have been by some distance, the single most financially damaging cyber event ever to hit the UK," said Ciaran Martin, former head of the National Cyber Security Centre and chair of CMC's technical committee. The £1.9 billion estimate includes losses from reduced vehicle sales, lower profits, costs to address the attack, and impacts on local businesses. It assumes attackers did not infiltrate JLR's operational technology, which would have prolonged recovery, and that full production will not resume until January.
In response, the UK government provided a £1.5 billion loan guarantee to help JLR access credit amid the crisis affecting its suppliers. The National Crime Agency is leading the investigation, but details on the perpetrators remain scarce, with no assumptions made about ransom payments.
This attack follows a wave of ransomware incidents targeting UK entities, including retailers Marks & Spencer and Co-op, as well as NHS England. CMC estimated those retailer attacks cost between £270 million and £440 million in June. Martin highlighted a shift in threats, noting companies often prioritize data protection over operational resilience. "It is now clear not just that criminal disruptive attacks are the worst problem in cybersecurity right now, but they’re a playbook to hostile nation states on how to attack us," he said in a recent London speech.
The National Cyber Security Centre reported 204 "nationally significant" cyber incidents in the UK for the 12 months ending August 2025, up from 89 the previous year, warning of threats from state actors like China and Russia.