Russian hackers behind Jaguar Land Rover cyberattack, NYT reports


According to the New York Times, which spoke to several people close to the investigation, Russia was behind the cyberattack on Jaguar Land Rover (JLR).

Key takeaways:

In September 2025, the British car manufacturer announced that it had been hit by a cyberattack, which largely paralyzed its production capacity, forcing it to shut down factories in Halewood, Solihull, and Wolverhampton.

ADVERTISEMENT

To make sure that JLR and other companies in the supply chain wouldn’t go bankrupt or have to lay off workers, the British government backed the British car manufacturer with a £1.5 billion loan.

All in all, the cyberattack led to £681 million in losses, earning the title of “most damaging event” in the history of the United Kingdom, according to the Cyber Monitoring Centre (CMC). The Bank of England added that the UK’s gross domestic product (GDP) grew significantly less than expected due to the cyberattack on the car manufacturer.

Jaguar C-X75, red car, black licence plate with jaguar sign
Jaguar C-X75. Gisela Schober/Getty Images for Jaguar Land Rover.

There has been no official announcement about who was responsible for the attack on JLR. However, after speaking with anonymous sources, the New York Times reports that Russian hackers were behind the attack, not a “loose collective” initially suspected.

According to the news outlet, the attackers didn’t use phishing, but rather exploited unspecified vulnerabilities in unspecified legacy technology. No details were provided.

“The attack on Jaguar raises the possibility that this was no typical ransom attack but an assault on the economic foundation of a sovereign state,” the newspaper said, adding that Russian officials are angry about Britain’s military support of Ukraine.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google

“It played into longstanding fears that an adversarial state could remotely paralyze critical infrastructure, like an energy grid or key manufacturers, stoking chaos and causing economic damage.”

ADVERTISEMENT

It remains unclear whether the Kremlin ordered the attack or whether a criminal threat actor pulled it off.

However, not everybody believes in the “Russia did it” theory.


Unlock more exclusive Cybernews content on YouTube.