Production at all JLR plants now back online following cyber attack

News

4 mins read

16 October 2025

All JLR production lines are now back up and running more than six weeks after a cyber attack that incapacitated its global operations.

On Thursday, production lines at its Halewood plant – which builds the Range Rover Evoque and Land Rover Discovery Sport – restarted for the first time since the 1 September attack.

Work to transform the plant as part of a £500 million project to produce JLR's incoming EVs has also restarted.

This follows Land Rover Defender and Discovery lines at Nitra, Slovakia, as well as Range Rover and Range Rover Sport lines at Solihull, which came back online last week.

Initial production output is understood to be limited, given that JLR has referred to the resumption of operations as a “controlled, phased restart”.

Operations at the Wolverhampton engine plant, Birmingham battery centre and Solihull body and paint shop are now all back up and running, as are stamping operations in Castle Bromwich, Halewood and Solihull.

A statement regarding the restart at Halewood read: “This is another important moment for JLR, for our suppliers and our people.

“We’re all super-proud of the resilience of our people and their energy to get back to doing what they do best – building world-class British luxury vehicles for our global clients.”

The cyber attack on 1 September brought all factories to a halt and incapacitated JLR, forcing it to shut down its internal computer systems in an effort to protect data from being stolen.

This resulted in production shutdowns at all of its global plants, created issues with parts ordering and stifled retailers.

The consequences of the cyber attack are estimated to have cost JLR a £1.5 billion drop in revenue.

Figures released by the firm last week show that, in the three-month period including the September shutdown, sales to dealers plummeted by nearly a quarter to 66,165.

That represents a loss of 21,138 cars compared with the same period in 2024.

“It has been a challenging quarter for JLR,” outgoing CEO Adrian Mardell said in a statement. However, he said that sales in July and August had been “in line with our expectations” before the cyber attack.

Government to underwrite £1.5bn JLR loan

The UK government said it will guarantee a £1.5 billion loan to JLR, to help it support suppliers who have been hit by the production shutdown.

The loan to the Tata-owned car maker will be issued by a commercial bank but will be underwritten by the UK government.

As well as costing JLR an estimated £50 million a week, the cyber attack has badly hit JLR's suppliers.

It's estimated that around 150,000 people are employed by some 700 British firms that supply JLR, and the UK government had been investigating ways to support them, such as a furlough scheme or loans.

It will instead underwrite a single loan to JLR through the Export Development Guarantee (EDG), with JLR repaying the money over a period of five years.

Business secretary Peter Kyle said on 27 September that the loan guarantee "will help support the supply chain and protect skilled jobs in the West Midlands, Merseyside and throughout the UK".

Chancellor Rachel Reeves added that the loan would help JLR "support their supply chain and protect a vital part of the British car industry".

JLR hack: what happened?

Autocar first reported issues affecting JLR on 1 September, when dealers couldn't register new cars on 'new plate day', traditionally one of the year's busiest for registrations.

In an effort to combat the hack, JLR began “shutting down" its systems on 2 September. It has not produced any cars globally since, leading to millions of pounds of lost income.

The extent of the issues meant JLR brought police and cybersecurity experts in to “restart our global applications in a controlled and safe manner”.

During this process, which included an investigation, it was discovered that "some data" was "affected", according to JLR. Those affected will be contacted, the firm said.

It's not officially known what data was taken or if a ransom demand has been made, but it is thought it most likely involves customer data, given the involvement of the police.

Will Rimell

Title: News editor

Will is Autocar's news editor. His focus is on setting Autocar's news agenda, interviewing top executives, reporting from car launches, and unearthing exclusives.

As part of his role, he also manages Autocar Business – the brand's B2B platform – and Haymarket's aftermarket publication CAT.

used cars for sale

Join the debate

Comments

Add a comment…

gilberthelen 17 October 2025

HOW TO FIND AND RECOVER STOLEN BITCOIN / REVENANT CYBER HACKER

Meet the hackers who can help get your crypto life savings back. A few months ago, I found myself in a precarious situation when I fell victim to a deceptive trading platform. I lost £410,000 to a fraudulent cryptocurrency investment broker I discovered on Facebook. I was scammed multiple times by individuals who promised to recover my lost funds but only added to my distress. When I found myself in a desperate situation after losing £410,000 to a fraudulent cryptocurrency investment broker. I was devastated. I reached a point where I was unsure if there was any hope left. It was then that I confided in a close friend who noticed my struggle and offered to help. He introduced me to a crypto recovery group known as REVENANT CYBER HACKER. One of the best decisions I ever made was reaching out to REVENANT CYBER HACKER to help me resolve my issue. But thanks to REVENANT CYBER HACKER. I recovered a significant portion of my losses. Their expert team worked tirelessly to trace and retrieve my funds, keeping me updated every step of the way. I highly recommend REVENANT CYBER HACKER to anyone who has fallen victim to cryptocurrency fraud. Their professionalism, expertise, and dedication are unmatched.

Email : revenantcyberhacker ( @ ) gmail (. ) com

Telegram: revenantcyberhacker

WhatsApp: + 1 (208) 425-8584

WhatsApp: + 1 (913) 820-0739

Website:http://www.revenantcyberhacker.com

ppug 17 October 2025

The irony of the comments section of a story about how JLR fell victim to a cyber attack, getting smashed by spam bots.

guerramaricela 17 October 2025

I recently found myself entangled in a precarious situation that served as a hard lesson in the importance of caution when navigating online interactions, particularly those involving financial investments. My mistake was blindly trusting an individual I met online who introduced me to the world of cryptocurrency, touting it as a lucrative opportunity to make significant profits. W h a t s A p p + 1 5 6 1 7 2 6 3 6 9 7 or T e l e g r a m + 1 5 6 1 7 2 6 3 6 9 7. Unfortunately, I was unaware that this was a scam designed to swindle unsuspecting victims out of their hard-earned money. The scammers cleverly presented their fraudulent scheme in a way that seemed genuine and promising, playing on my naivety and lack of knowledge about cryptocurrency. Before I realized what was happening, they had managed to swindle me out of a substantial amount of money. The feeling of being deceived and losing something I had worked hard for was devastating. However, my story takes a turn for the better. After conducting thorough research and reaching out to various recovery services, I came across Techy Force Cyber Retrieval. This organization specializes in assisting victims of online scams and fraud in recovering their stolen assets. I must admit that I was initially skeptical, given my previous experience; however, the professionalism and expertise demonstrated by the team at Techy Force were reassuring. Through their diligent efforts and cutting-edge technology, Techy Force Cyber Retrieval successfully tracked down the scammers and facilitated the recovery of my stolen funds. The process, although lengthy and complex, was handled with transparency and regular updates, keeping me informed every step of the way. The relief and joy of recovering everything that was stolen from me are indescribable. It's a testament to the dedication and proficiency of Techy Force Cyber Retrieval. This experience has taught me valuable lessons about the importance of vigilance and doing thorough research before making any financial decisions, especially those initiated online. It has also shown me that there are reputable and effective services available for those who fall victim to scams and fraud. I hope that by sharing my story, I can help others avoid similar pitfalls and know that there is help available if they find themselves in a similar situation. Thanks to Techy Force Cyber Retrieval, I have been given a second chance, and for that, I am truly grateful.

View all comments (61)

main menu

Production at all JLR plants now back online following cyber attack

Range Rover Evoque and Land Rover Discovery Sport lines at Halewood are the last to restart

Latest Reviews

Bentley Flying Spur

Peugeot e-5008

Mercedes-Benz CLA

Used Mercedes-AMG A45 2013-2018 review

Toyota C-HR+

Government to underwrite £1.5bn JLR loan

JLR hack: what happened?

Who has claimed responsibility for JLR hack?

Will Rimell

used cars for sale

Join the debate

Add your comment

Latest Reviews

Bentley Flying Spur

Peugeot e-5008

Mercedes-Benz CLA

Used Mercedes-AMG A45 2013-2018 review

Toyota C-HR+

More from Autocar

Top 10s

Latest car reviews

Top manufacturers

Quick search

Legal bits

About Autocar

main menu

Production at all JLR plants now back online following cyber attack

Range Rover Evoque and Land Rover Discovery Sport lines at Halewood are the last to restart

Latest Reviews

Government to underwrite £1.5bn JLR loan

JLR hack: what happened?

Who has claimed responsibility for JLR hack?

used cars for sale

Join the debate

Add your comment

Latest Reviews

More from Autocar

Top 10s

Latest car reviews

Top manufacturers

Quick search

We recommend

Legal bits

About Autocar