Jaguar Land Rover (JLR), the luxury carmaker owned by Tata Motors, said on Tuesday that its production lines in the U.K. will remain shut until at least October 1 after suffering a cyberattack that struck earlier in September, further compounding losses and rippling through its extensive supplier network.
The company had initially halted operations on August 31 following the cybersecurity breach. Factories in central and northwest England were shut, and more than 30,000 direct employees were told to stay home. In making this latest extension, JLR said it wished to provide “clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.”
JLR has stated that its technical teams are working around the clock with cybersecurity specialists, the U.K. National Cyber Security Centre and law enforcement agencies to ensure that production resumes in a safe, secure and controlled manner. The automaker’s retail operations and dealerships remain open, and it said it is supporting suppliers, colleagues and customers through the disruption.
The decision to prolong the shutdown places mounting pressure on both the company and its supply chain. JLR estimates its three U.K. plants, collectively producing roughly 1,000 vehicles a day, are losing tens of millions of pounds per week in foregone output. Moreover, JLR’s supply chain—which supports over 100,000 jobs in Britain—is already under severe strain. Many smaller suppliers, which depend heavily on just-in-time deliveries to meet production schedules, have reportedly scaled back operations or laid off workers.
Labour unions, particularly Unite, have raised concerns that longer shutdowns may lead to permanent job losses among suppliers if financial relief or support is not forthcoming. UK ministers, including Business Secretary Peter Kyle and Industry Minister Chris McDonald, are due to visit affected sites and meet with supply chain firms to assess damage and explore possible support measures.
Despite the severity of the operational disruption, JLR has said that no customer data was compromised in the incident. The company’s global operations, retail channels, and post-sales support have all been impacted, but only internal production systems were fully disabled. The precise nature of the attack remains under investigation.
In India, the announcement also caught market attention: Tata Motors shares dropped nearly two per cent from their intraday highs following the update, reflecting investor concerns over lost production, revenue disruption, and implications for future profitability.
The extension to October 1 represents a second postponement; earlier, production was expected to resume by September 24. The delay underscores the complexity of recovering from cyberattacks in an industry increasingly dependent on digitised operations and interconnected supply chains.
JLR said that the pause is needed not only to restore technical systems but to validate new controls, test security postures, and assure both suppliers and regulators of safety. It also emphasised that when operations resume, it will be in a phased manner.
The incident adds to the growing narrative of cybersecurity as a critical risk for automotive manufacturers. In an era when modern vehicle production, parts ordering, diagnostics, and even vehicle licensing are embedded in digital systems, disruptions of this kind bring not only financial consequences but reputational risk.
As JLR works toward a safe restart, the broader industry is watching closely. The stakes are high: failure to resume smoothly or to support suppliers effectively could have long-term implications for jobs, competitiveness, and the resilience of the U.K. automotive sector.
Also Read: Surat Startup DhiWise Rebrands as Rocket AI, Raises $15 Million Seed Round
