Home > Security > Security News

Jaguar Land Rover Confirms Employee Data Stolen in Crippling August Cyberattack Costing the Company Over $890 Million

Published on December 16, 2025
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Unlocked padlock depicting data breach
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google

Key Takeaways

Jaguar Land Rover (JLR) has acknowledged that a cyberattack in August resulted in a data breach, compromising the personal information of current and former staff and contractors. The forensic investigation into the event is ongoing.

This announcement provides the first official details about the incident, which caused a production shutdown lasting more than a month and had severe financial repercussions for the major British automotive manufacturer. 

JLR Stolen Employee Data

The company has begun contacting affected individuals, as reported by The Telegraph, and has explained that the compromised information was held for employment administration purposes. The breach exposed data related to:

While JLR stated there is no evidence that the stolen data has been misused, it has cautioned all current and former personnel to be vigilant against potential phishing attacks that may exploit the employee data stolen in the incident. 

To mitigate the risk, JLR is providing access to credit and identity monitoring services for those impacted.

Economic Impact and Cybersecurity Threats

The Jaguar Land Rover cyberattack has had a ripple effect throughout the U.K.'s industrial sector, disrupting JLR's extensive multi-tier supply chain. The production halt has put thousands of jobs at risk, with the company posting a loss of £485 million (roughly $650 million) last month. 

HELLCAT ransomware targeted JLR earlier this year via compromised Atlassian Jira credentials to steal sensitive data, leveraging an infostealer – the incident was also linked to the APTS threat actors and the Scattered Lapsus$ Hunters collective.

Add a Comment
Related
Healthcare industry, a target for cyberattackers
CISA Urges Organizations to Harden Endpoint Management Systems After Cyberattack Against US Medical Giant Stryker
mobile hacker
Darksword Exploit Kit Deploying iOS Spyware on iPhones, Adopted by Multiple Threat Actors
Over 1,100 Hours of Terrorist Audio Propaganda Found in 17,000 URLs Across 40 Online Platforms
Interlock Ransomware Campaign Exploited Cisco Firewall Vulnerability CVE-2026-20131 Weeks Before Disclosure
Claude.ai: The Claudy Day Vulnerability Chains Prompt Injection, Open Redirects, and Data Exfiltration
Laptop Spark Vulnerability
Critical CVE-2026-3888 Vulnerability Exposes Ubuntu to Root Escalation
Most Popular
Healthcare industry, a target for cyberattackers
CISA Urges Organizations to Harden Endpoint Management Systems After Cyberattack Against US Medical Giant Stryker
mobile hacker
Darksword Exploit Kit Deploying iOS Spyware on iPhones, Adopted by Multiple Threat Actors
Over 1,100 Hours of Terrorist Audio Propaganda Found in 17,000 URLs Across 40 Online Platforms
Interlock Ransomware Campaign Exploited Cisco Firewall Vulnerability CVE-2026-20131 Weeks Before Disclosure
Claude.ai: The Claudy Day Vulnerability Chains Prompt Injection, Open Redirects, and Data Exfiltration
Laptop Spark Vulnerability
Critical CVE-2026-3888 Vulnerability Exposes Ubuntu to Root Escalation
CISA Urges Organizations to Harden Endpoint Management Systems After Cyberattack Against US Medical Giant Stryker
Darksword Exploit Kit Deploying iOS Spyware on iPhones, Adopted by Multiple Threat Actors
Over 1,100 Hours of Terrorist Audio Propaganda Found in 17,000 URLs Across 40 Online Platforms
Interlock Ransomware Campaign Exploited Cisco Firewall Vulnerability CVE-2026-20131 Weeks Before Disclosure
Claude.ai: The Claudy Day Vulnerability Chains Prompt Injection, Open Redirects, and Data Exfiltration
Critical CVE-2026-3888 Vulnerability Exposes Ubuntu to Root Escalation

Most Popular
Healthcare industry, a target for cyberattackers
CISA Urges Organizations to Harden Endpoint Management Systems After Cyberattack Against US Medical Giant Stryker
mobile hacker
Darksword Exploit Kit Deploying iOS Spyware on iPhones, Adopted by Multiple Threat Actors
Over 1,100 Hours of Terrorist Audio Propaganda Found in 17,000 URLs Across 40 Online Platforms
Interlock Ransomware Campaign Exploited Cisco Firewall Vulnerability CVE-2026-20131 Weeks Before Disclosure
Claude.ai: The Claudy Day Vulnerability Chains Prompt Injection, Open Redirects, and Data Exfiltration
Laptop Spark Vulnerability
Critical CVE-2026-3888 Vulnerability Exposes Ubuntu to Root Escalation
CISA Urges Organizations to Harden Endpoint Management Systems After Cyberattack Against US Medical Giant Stryker
Darksword Exploit Kit Deploying iOS Spyware on iPhones, Adopted by Multiple Threat Actors
Over 1,100 Hours of Terrorist Audio Propaganda Found in 17,000 URLs Across 40 Online Platforms
Interlock Ransomware Campaign Exploited Cisco Firewall Vulnerability CVE-2026-20131 Weeks Before Disclosure
Claude.ai: The Claudy Day Vulnerability Chains Prompt Injection, Open Redirects, and Data Exfiltration
Critical CVE-2026-3888 Vulnerability Exposes Ubuntu to Root Escalation

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: