Jaguar Land Rover to Loan £500 Million to Suppliers as Govt Bailout Awaits Approvals

Although Jaguar Land Rover has begun to bring operations back online after a month-long outage caused by a devastating malware attack, its suppliers and various other partners are still reeling from the company’s sudden production halt. The Tata-owned conglomerate’s entire global infrastructure was thrown offline, and the attack has now proven to have been much more severe than what initial assessments revealed. 

Last week, the UK Government announced a £1.5 billion loan guarantee relief package to protect the thousands of jobs and multiple local businesses involved in JLR’s supply chain which have had to deal with a sudden loss of liquidity. The move was also intended to restore confidence in the British automotive industry as a whole and protect skilled jobs. The incident has been raised in the UK’s House of Commons, with parliamentarians discussing how best to respond to the attack, and how to prevent similar occurrences in the future. 

However, approvals are still pending, and the money is not likely to be disbursed soon, according to UK media. To avert a looming crisis for suppliers, JLR itself is reportedly putting its own privately backed £500 million loan package together. 

The attack, which occurred on August 31 and was first reported on September 2, resulted in a complete shutdown of operations across manufacturing, sales, and business functions.

JLR’s first statement indicated that no breaches of customer data had been identified. Over the course of multiple subsequent updates, it became clear that the scope of the attack was deeper than first thought, with third-party cybersecurity experts and UK law enforcement involved. An initial target of September 24 to restart operations was then pushed to October 1 to allow for resumption in a controlled, phased manner as forensic investigations continued. 

On September 25, the company announced that the “foundational work of our recovery programme is firmly underway”, with “sections of our digital estate” up and running. A complete return to normal is not expected for several more weeks. 

Reuters reported in mid-September that up to 33,000 workers at JLR’s three locations in Solihull, Halewood, and Wolverhampton had been asked not to report to work, although their jobs were not thought to be in danger. Around 1,000 cars are ordinarily produced here each day. Additional overseas locations in Brazil, Slovakia and India were also forced to remain idle. 

A cybercrime group calling itself “Scattered Lapsus$ Hunters” has taken credit for the attack, though its demands and objectives are not yet clear. The group’s name comes from three other groups whose members are thought to be involved: Scattered Spider, Lapsus$ and ShinyHunters. Screenshots of confidential internal JLR documents have appeared online, according to cybersecurity industry watchers. These criminal groups have been involved in attacks on other British firms including Marks & Spencer earlier this year.