Jaguar Land Rover (JLR) has successfully rebooted its global manufacturing network, finally putting the brakes on a devastating six-week cyberattack that brought its production lines to a standstill. The final piece of the recovery puzzle clicked into place with the restart of its Halewood plant in Merseyside, UK, signaling a return to normalcy for the British automotive giant.
This cyberattack was not just a temporary disruption; it was a severe financial hemorrhage. Analysts estimate the shutdown cost JLR a staggering £50 million per week, culminating in a total potential revenue loss of around £1.5 billion. The impact was starkly visible in their recent quarterly report, which showed a nearly 25% drop in wholesale sales to dealers.
A Phased and Strategic Return
Rather than flipping a switch, JLR engineered a careful, phased return to operations. This “controlled restart” was a strategic move to ensure the integrity of its newly secured IT infrastructure and to stabilize a rattled supply chain.
The process began with the heart of the vehicles—engine and component production lines. Once these were confirmed stable, the high-value assembly lines followed. This included plants in Solihull, home to the flagship Range Rover and Range Rover Sport, and the facility in Nitra, Slovakia, which manufactures the rugged Defender. The final and most critical step was the reactivation of the Halewood plant.
The Halewood restart is a milestone for more than just ending the shutdown. This facility is the production home for two of JLR’s most popular models: the Range Rover Evoque and the Land Rover Discovery Sport. Its revival also breathes new life into a major £500 million investment project to transform the plant for an electric future, a key pillar of JLR’s long-term strategy.
Further Challenges and Resilience
While the lights are back on in all factories, the journey to full production capacity is not yet over. Industry observers note that it could take several weeks for output to return to normal levels as JLR works through a significant backlog of orders, especially for its high-end luxury vehicles.
The attack has been linked to a hacker group known as Scattered Lapsus$ Hunters, who allegedly breached JLR’s systems by exploiting a weakness in widely-used SAP NetWeaver software. This breach granted them access to sensitive customer and operational data, triggering the extensive shutdown.
For investors, suppliers, and customers waiting for their vehicles, the full resumption of operations is a powerful signal of resilience. Navigating a crisis of this magnitude and executing a global recovery plan demonstrates a robust operational backbone. As JLR steers toward an electric future, this experience, though costly, underscores its commitment to securing its systems and modernizing its production in an increasingly digital landscape.
