Russian hackers behind Jaguar Land Rover cyberattack, NYT reports

According to the New York Times, which spoke to several people close to the investigation, Russia was behind the cyberattack on Jaguar Land Rover (JLR).
-
The New York Times reports that Russian hackers were behind the cyberattack on Jaguar Land Rover, citing people close to the investigation.
-
The 2025 attack forced factory shutdowns in the UK, severely disrupting production.
-
The incident caused an estimated £681 million in losses and was described as one of the UK’s most damaging cyber events.
-
The UK government provided £1.5 billion in support to stabilise the company and its supply chain.
-
However, some cybersecurity experts dispute the claim, saying there is no conclusive evidence of state involvement.
In September 2025, the British car manufacturer announced that it had been hit by a cyberattack, which largely paralyzed its production capacity, forcing it to shut down factories in Halewood, Solihull, and Wolverhampton.
To make sure that JLR and other companies in the supply chain wouldn’t go bankrupt or have to lay off workers, the British government backed the British car manufacturer with a £1.5 billion loan.
All in all, the cyberattack led to £681 million in losses, earning the title of “most damaging event” in the history of the United Kingdom, according to the Cyber Monitoring Centre (CMC). The Bank of England added that the UK’s gross domestic product (GDP) grew significantly less than expected due to the cyberattack on the car manufacturer.
There has been no official announcement about who was responsible for the attack on JLR. However, after speaking with anonymous sources, the New York Times reports that Russian hackers were behind the attack, not a “loose collective” initially suspected.
According to the news outlet, the attackers didn’t use phishing, but rather exploited unspecified vulnerabilities in unspecified legacy technology. No details were provided.
“The attack on Jaguar raises the possibility that this was no typical ransom attack but an assault on the economic foundation of a sovereign state,” the newspaper said, adding that Russian officials are angry about Britain’s military support of Ukraine.
“It played into longstanding fears that an adversarial state could remotely paralyze critical infrastructure, like an energy grid or key manufacturers, stoking chaos and causing economic damage.”
It remains unclear whether the Kremlin ordered the attack or whether a criminal threat actor pulled it off.
However, not everybody believes in the “Russia did it” theory.
Unlock more exclusive Cybernews content on YouTube.