Cyberattack monitoring group estimates Jaguar hack cost UK $2.5 billion

An independent review of the August 2025 cyberattack against Jaguar/Land Rover says it’s the most expensive cybersecurity incident in U.K. history. The report, published October 22 by the Cyber Monitoring Centre, a nonprofit of industry experts, says the cybersecurity attack cost the U.K. economy approximately 1.9 billion pounds sterling ($2.5 billion USD), most of it due to lost manufacturing output from JLR and its suppliers.

The report went on to add that the cost could increase to 2.1 billion pounds (2.7 billion USD) or higher “if there are unexpected delays in bringing production back to pre-event levels.”

Those figures, the CMC’s report notes, are estimates based on analysis of publicly available financial data, sales volumes and supplier data, not “confirmed operational data” from JLR itself.

The nature of the cyber incident in late August remain murky, but led JLR to halt its global manufacturing and cancelled or delayed orders for JLR suppliers. Notably, according to the CMC, the JLR cyber incident is distinct from cyberattacks of similar scale, in that it seems to have focused specifically on a single company instead of spreading to several organizations.

Following the global shutdown of its operations in late August, JLR began a phased restart of its manufacturing operations in late September, according to reporting from Reuters, but has yet to return to pre-incident output. In early October, the company said it would restart production in five U.K. plants, followed by another plant in Slovakia. 

In an statement October 7, JLR CEO Adrian Mardell said the company would begin to pay suppliers in advance. “Our suppliers are central to our success, and today we are launching a new financial arrangement that will enable us to pay our suppliers early, using the strength of our balance sheet to support their cashflows,” Mardell said.

“I would like to thank everyone connected to JLR for their commitment, hard work and endeavour in recent weeks to bring us to this moment,” Mardell added. “We know there is much more to do but our recovery is firmly underway.”

Recommendations for manufacturers

Offering a reflection on the cyberattack, the CMC issued a short list of recommendations for manufacturers and other organizations vulnerable to cyberattack:

• recognize the cyber risk of operational disruption,
• strengthen IT/OT resilience,
• map supply chain dependencies,
• evaluate insurance for cyber incidents
• and start working to define government support parameters.

Focus on cybersecurity

Bridgestone North America hit by limited cyberattack
A company spokesperson said the impact was limited, and the incident is under investigation.

Is shadow OT lurking in your industrial network?
The connected tools that benefit operations and maintenance can also pose cybersecurity threats.

DOE releases cybersecurity best practices for the energy industry
The document is designed to help manufacturers and others in the energy industry create a framework to strengthen key technologies that help manage and operate energy systems.