The Jaguar Land Rover shutdown caused by a cyberattack at the beginning of September has a potential end date. Hopefully, things will be sorted by September 24, Autocar reports that JLR has had a hard time finding a fix for its systems, leaving factories dormant as the shutdown enters its third week. Not only is JLR losing up to $5.8 million a day, but parts suppliers are beginning to lay off workers as a result of the work stoppage, according to the BBC. Some suppliers could even go out of business if the shutdown continues.
This is a smaller version of what we saw during the pandemic. While large parts suppliers can weather such a storm, smaller ones, particularly those specializing in parts for Jaguars or Land Rovers, may not be able to, former Aston Martin CEO Andy Palmer said to the BBC.
“Some of them will go bust. I would not be at all surprised to see bankruptcies.”
…
“You hold back in the first week or so of a shutdown. You bear those losses. But then, you go into the second week, more information becomes available – then you cut hard. So layoffs are either already happening, or are being planned.”
The BBC also confirmed that one unnamed JLR supplier had already laid off 40 people, almost half of the company. Others are telling workers to stay home, hoping to put them back to work once JLR resumes production. Union and government officials are calling for a furlough program to pay employees and help them get by until the situation is resolved and they can return to work. This could be wise, as insufficient staffing at part suppliers could further delay JLR production, as we saw with Toyota and Corvette production during the pandemic.
‘Some data has been affected’
The cyberattack began on September 1. Quick action by JLR’s IT staff immediately locked down its systems to keep its data safe, but such security measures also prevent employees from accessing systems they need to do their jobs, resulting in the ongoing shutdown. Dealers and parts systems have also been affected.
Since our original report, a hacker group known as “Scattered Lapsus$ Hunters” has claimed responsibility for the attack. This is the same group that hit retailer Marks & Spencer this past May. It claims to have used the same security flaw in SAP Netweaver to hack both companies. Software such as this runs at every level of a company, which explains how the entire company can be shut down due to a hack in a single software application.
JLR’s website has the following statement about the cyber attack at the top of its main page:
Since we became aware of the cyber incident, we have been working around the clock, alongside third‑party cybersecurity specialists, to restart our global applications in a controlled and safe manner. As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators. Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted. We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.
Previously, JLR had stated that “there is no evidence any customer data has been stolen.” That appears to have changed as the investigation has continued.
