JLR hack: UK government steps in to help restart production

“Workers in the JLR supply chain must not be made to pay the price for the cyber attack,” said Graham. “It is the government’s responsibility to protect jobs and industries that are a vital part of the economy.”

Graham cited a similar scheme set up on 15 September by the Scottish government to support bus maker Alexander Dennis and said “a similar scheme for workers in the JLR supply chain [should be set up] now”.

JLR suppliers 'could go bankrupt'

Recent reports have claimed that some of the firm's suppliers could go bust as a result of the shutdowns.

Former Aston Martin CEO Andy Palmer told the BBC on 12 September: “I would not be at all surprised to see bankruptcies.” 

Palmer added that many suppliers will soon begin to slim their staff count as a result of the shutdown, saying: “You hold back in the first week or so of a shutdown; you bear those losses. But then you go into the second week, more information becomes available – then you cut hard. So layoffs are either already happening or are being planned."

Along with Unite, another making the call for a furlough scheme is Commons Business and Trade Committee chairman Liam Byrne.

The Labour MP said: "What began in some online systems is now rippling through the supply chain, threatening a cashflow crunch that could turn a short-term shock into long-term harm. We cannot afford to see a cornerstone of our advanced manufacturing base weakened by events beyond its control."

JLR hack: what happened?

Autocar first reported issues affecting JLR on 1 September, when dealers couldn't register new cars on 'new plate day' , traditionally one of the year's busiest for registrations.

In an effort to combat the hack, JLR began “shutting down our systems” on 2 September.

It's still in the process of rebuilding them and is unabel to confirm a timescale for the fix.

The hack has left JLR incapacitated. No cars have been produced globally since, leading to millions of pounds of lost income.

The extent of the issues meant JLR brought police and cybersecurity experts in to “restart our global applications in a controlled and safe manner”.

During this process, which included an investigation, it was discovered that "some data" was "affected", said JLR. Those affected will be contacted, said the firm.

It's not officially known what data was taken or if a ransom demand has been made, but it is thought it most likely involves customer data given the involvement of the police.

JLR said in a statement on 15 September that it will look to restart production on 24 September.

Who has claimed responsibility for JLR hack?

On 3 September, a group of hackers calling themselves Scattered Lapsus$ Hunters claimed responsibility for the attack on JLR.

This is the same group that hacked Marks & Spencer in May, causing the British retailer seven weeks of disruption and costing £300 million in lost operating profit.

It claimed to have obtained customer data after exploiting a similar flaw in JLR’s IT system. The claim was made on a Telegram messenger group, where a user linked to the hackers posted a screenshot of what appeared to show JLR's internal system.

A member of the group revealled that a well-known flaw in SAP Netweaver, third-party software used by JLR, was exploited to access the data.