‘UK’s Most Damaging Cyber Event’: JLR Breach Could Have Cost the Country £2B

News

1. Google Bridges Cloud Power and Privacy with Private AI Compute

2. California’s Genspark Enters AI Unicorn Club with $200 Million Round

3. OpenAI Taps Intel’s Sachin Katti to Build Compute Backbone for AGI

4. Flipkart Brings Voice-Led Wholesale Ordering to WhatsApp with Sarvam AI

5. Varun Berry Steps Down at Britannia, Rakshit Hargave to Take Over

6. OpenAI Issues Warning on AI’s Acceleration From Inside the Fast Lane

The late August cyberattack on Jaguar Land Rover, a Tata Motors subsidiary, could cost the company’s UK manufacturing operations £108 million per week, according to the Cyber Monitoring Centre, an independent body monitoring cyber events impacting the country. With five weeks of suspended production and reduced manufacturing from 10,000 vehicles per day to 5,000 vehicles per week, the luxury carmaker is expected to incur a loss of £540 million.

​The BBC previously reported a potential cost of up to £50 million per week for the company.

The shutdown impacted its three UK plants, responsible for manufacturing about 1,000 vehicles per day, and 33,000 UK employees. It also impacted JLR’s internal IT environment, leading to an IT shutdown and a halt in global manufacturing operations, including its major UK plants at Solihull, Halewood, and Wolverhampton.

Nearly one thousand tier one suppliers, and thousands of tier two and three suppliers of JLR have also been affected. Meanwhile, UK retail is less impacted than manufacturing due to it  only representing a portion of JLR cars manufactured in the country.

System restoration began in late September, with all its plants now resuming operations in a phased manner.

“Production lines were halted for several weeks, dealer systems were intermittently unavailable, and suppliers faced cancelled or delayed orders, with uncertainty about future order volumes,’ the report read.

The outrage has also cost the UK a financial loss of £1.9 billion ($2.55 billion), affecting over 5,000 UK organisations. Indicating a modelled range of loss is £1.6 billion to £2.1 billion, the CMC noted that the figure could be higher “if operational technology has been significantly impacted or there are unexpected delays in bringing production back to pre-event levels.”

Industry discussions indicate that JLR can potentially boost production to 120% of its previous capacity for three months by adding shifts and increasing output across its supply chain.

With a loss of nearly £2B, the JLR incident has become the most economically damaging cyber event to hit the UK. This estimate covers the impact on the UK operations of all affected organisations only.

​CMC indicates that the cyber attack on the automobile manufacturer was “concentrated on a single primary victim, with systemic effects arising indirectly through economic interdependencies rather than parallel compromise,” unlike other systemic cyber events such as WannaCry or the CrowdStrike software failure. 

Earlier this year, retailer Marks & Spencer lost £300 million after an April breach which shut down its online services for two months. The company’s financial results are due in November. 

JLR was approached for comment on the financial impact, but the company did not respond immediately.