Early in September 2025, the UK-based production facilities of Tata Motors owned automotive giant Jaguar Land Rover (JLR) at Halewood and Solihull came to a grinding halt. As workers were sent home or asked not to come, automotive plants that produced thousands of globally renowned cars reeled with a cyberattack for close to a month.
Even as JLR has begun to restart its operations in a phased manner, what the cyberattack represents is not just a warning for JLR’s owner Tata Motors, but also for the wider automotive industry in India. Major players with plants in India should conduct an urgent cyber audit of their facilities, map out supply chain implications in case of production disruption and also secure cyber insurance to avoid hefty damages.
The cyberattack and its aftermath
The maker of luxury SUVs and sedans, JLR is the biggest automotive sector employer in the UK with more than 30 thousand workers. In addition to this, as a study commissioned by JLR on its economic footprint in the UK adds: ‘A further 104,000 jobs are estimated to have been supported throughout its UK supply chain (indirect). Finally, an estimated 62,900 jobs were supported through wage-induced spending.’ The indirect jobs are generated because a host of UK companies are part of JLR’s complex supply chain for automotive parts. The report further estimated 17.9 billion pounds as JLR’s contribution to the UK GDP. The tax contribution alone to the UK government is estimated to be a whopping 4 billion pounds.
The company was therefore a natural target for malicious cyber actors. Scattered Lapsus$ Hunters, a group of three hacking collectives, claimed responsibility for the cyberattack. Details about the nature and intensity of the attack, however, are not yet in the public domain. In the aftermath of the attack, JLR shut down its production lines and associated systems to limit the infection.
It took nearly four weeks for the operations to be resumed in a limited, phased manner. But by this time, massive damage was already done. According to a Financial Times report, JLR may end up spending billions of pounds in lost revenues and profits because it had not secured cyber insurance when the attack took place. The impact on the small businesses involved in the JLR supply chain was so severe that the UK government machinery, including the prime minister’s office, became involved in exploring ways to mitigate the harms.
Further, the fact that Tata’s other company, Tata Consultancy Services (TCS), was the tech partner of JLR, only compounded the problems of the Tata group. As a Moneycontrol explainer described it, JLR cyberattack was the third instance in a year of a British client of TCS reeling with a cyberattack.
Why Indian automotive players should worry
The JLR attack has underscored and reinforced that cyberattacks are no longer about some abstract occurrences restricted to machines. Also, it is not just industries that have heavy IT exposure (such as software companies) or those with critical IT dependence (such as healthcare) that are recipients of cyberattacks. Companies into traditional manufacturing (such as cars, motorcycles and other automotive parts) are equally vulnerable. As the protracted struggle of JLR over the four weeks has revealed, cyberattacks are also increasingly about disrupting supply chains and upending thousands of livelihoods. From Haridwar to Nashik, from Pune to Hosur, the Indian automotive industry is about 240 billion dollars in terms of turnover, and generates 30 million jobs. As a PIB report further explains: ‘In terms of global standing, India is the largest manufacturer of three-wheelers, among the top 2 manufacturers of two-wheelers in the world, the top 4 manufacturers of passenger vehicles, and the top 5 manufacturers of commercial vehicles in the world.’ Hence, a similar attack on Indian plants of automotive players could cause serious disruption economically and socially.
As an immediate response to the JLR cyberattack, Indian automotive players should conduct an urgent comprehensive cyber audit of their facilities. But cyber defences can never be 100 per cent impermeable. The automotive players should, in the medium to short term, prepare for serious cyberattack scenarios by segmenting their different systems and facilities (to limit the infection spread by design), thoroughly map out their complex supply chains and downstream implications of operational disruption, and secure cyber insurances to cover losses.
(Lokendra Sharma is a staff research analyst with the Takshashila Institution’s High-Tech Geopolitics Programme.)
Views are personal, and do not represent the stance of this publication.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
