Ransomware, Breach, Critical Infrastructure Security

Jaguar Land Rover ransomware attack had $2.8B economic impact in UK

aguar Land Rover car showroom in Acton, west London- a British multinational automotive company.

(Adobe Stock)

The UK's Cyber Monitoring Centre (CMC) on Oct. 22 estimated that the economic impact of the Sept. 2 cybersecurity incident affecting Jaguar Land Rover (JLR) was about $2.8 billion U.S. dollars.

The disclosure by the CMC puts the JLR ransomware attack in the same realm as the attack on Change Healthcare in the United States, which reportedly paid out more than $3 billion to providers following the February 2024 breach.

According to CMC, the £1.6 billion to £2.1 billion estimate reflected the substantial disruption to JLR’s manufacturing, multi-tier supply chain, and to downstream organizations, including dealerships.

“The JLR incident is already a landmark breach in terms of its complete devastation of the supply chain,” said Casey Ellis, founder at Bugcrowd. “Now, we’re talking in terms of its staggering direct economic impact, both to JLR and its employees and shareholders, as well as the British economy. The fact that the government itself stepped in to financially protect and attempt to reboot the supply chain is definitely not the hallmark of a typical breach — this one will be studied for years to come.”

Noelle Murata, senior security engineer at Xcape, Inc., added that the $2.8 billon figure, which is similar to the enormous impact of the Change Healthcare breach, shows that big security failures, regardless of the business, are now expected to cause nine-figure disruptions.

“In addition to being a loss for JLR, the incident was named ‘the most economically damaging cyber event’ to ever affect the UK, demonstrating how quickly a single corporate attack can turn into a threat to the country's economic stability,” said Murata. “Ultimately, this chilling symmetry in cost forces a reckoning: The age of cybersecurity as an IT problem is over; it's a multi-billion-dollar business liability.”

Agnidipta Sarkar, chief evangelist at ColorTokens, said the JLR cyberattack is not just another ransomware story — it’s a real-time stress test of how fragile the digital nervous system of modern manufacturing has become. Sarkar said from what we know, once attackers got into JLR’s SAP S/4 HANA platform that links ERP, MES, logistics and dealer portals into one logical network, they succeeded in moving laterally.

“For organizations that have taken up unbridled innovation and are riding the wave, but have not put in foundational breach readiness, the time to invest is now,” said Sarkar. “It’s still not too late to invest in microsegmentation, enhanced identity governance and software defined perimeters, everything that NIST800-207 recommends. Zero trust is no longer a fancy term, it’s now a matter of business survival and national resilience.”

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Attack Vector

You can skip this ad in 5 seconds