Jaguar Land Rover (JLR), a subsidiary of Tata Motors, has officially confirmed that a September cyberattack resulted in substantial financial losses and major operational disruptions. The luxury automaker detailed the incident’s impact in its Q3 2023 financial report, revealing the significant consequences of a breach within its supply chain.

Financial and Operational Impact Detailed

The cyberattack incurred a cost of £196 million (approximately $245 million USD) for Jaguar Land Rover. According to the company, these costs were primarily attributed to increased shipping expenses and other significant operational impacts as JLR worked to mitigate the disruption.

The incident directly affected the car manufacturer’s global supply chain, causing severe delays in parts distribution. This resulted in extended wait times for customers needing vehicle repairs and created a backlog that impacted between 10,000 and 12,000 vehicles worldwide.

Incident Response and Company Confirmation

During a company earnings call, JLR CEO Adrian Mardell confirmed the event, stating it caused “significant disruption” to the company’s operations. He clarified that the cyberattack did not target JLR’s internal systems directly but instead hit a key, unnamed supplier.

The security incident at the supplier critically impacted JLR’s global parts distribution center located in the United Kingdom. This breach forced the company to revert to manual processes for handling parts orders, which created a large backlog. Mardell noted that the problem was “pretty contained” and that the company has since been actively working to clear the backlog and restore normal service levels for its customers.