- Jaguar Land Rover suffered a cyberattack that disrupted production and retail, forcing system shutdowns and plant closures
- The breach was detected in real time, limiting damage; no customer data theft has been confirmed
- No group has claimed responsibility, and the nature of the attack remains unclear, though ransomware or data theft are possible motives
Luxury car manufacturer Jaguar Land Rover (JLR) suffered a cyberattack that “severely disrupted” its production and retail activities.
On its corporate website, it issued a brief statement, confirming the breach: “JLR has been impacted by a cyber incident,” the notice reads. “We took immediate action to mitigate its impact by proactively shutting down our systems.”
In its report, the BBC says the disruptions affected two of its main UK plants. The attack took place last Sunday, and apparently the company’s defenders spotted it as it was happening, reducing its impact. The effects were still felt across the company, as workers at both the Halewood plant in Merseyside and the Solihull plant were told to stay home on Monday. Those who checked in early were sent home, as well.
Restarting production
“We are now working at pace to restart our global applications in a controlled manner,” JLR continued. “At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted.”
At the same time, Tata Motors – JLR’s parent company – filed a new report with the Bombay Stock Exchange, in which it described the attack as an “IT security incidence” that is causing global issues. The National Crime Agency said: “We are aware of an incident impacting Jaguar Land Rover and are working with partners to better understand its impact.”
So far, no threat actors claimed responsibility for the attack, so we don’t know if this was a ransomware incident, or a more simple data smash-and-grab. Usually, companies shut down parts of their IT infrastructure to contain a ransomware strike, since these encrypt endpoints and render them useless, while at the same time exfiltrating sensitive data to be later used as leverage in the negotiations.
Still, many ransomware operators have moved past encrypting systems, claiming the process is too expensive, cumbersome, and unreliable, and are focusing on data exfiltration only.
Via BBC
You might also like
https://cdn.mos.cms.futurecdn.net/BsnMKVyyNGEZMWVUsFD6vn.jpg
Source link
