Jaguar Land Rover hack cost UK economy an estimated $2.5B

65 comments

·October 22, 2025

hollywood_court

I don't understand how Jaguar/Land Rover is still even a thing. This is unrelated to the hack, but they consistently make the most unreliable vehicles you can buy.

When I had my import repair shop, I made a fortune repairing Jags and LRs. My business partner named his lake house 'Discovery' because of all the money we made off of those things.

Aromasin

I believe this used to be a thing absolutely, but something seem to change ~2012 where they seemingly went from some of the least reliable luxury cars on the market to some of the most - but the hangover from 50 years of unreliability will plague them for years to come I'm sure. The tests and standards they need to pass to get out of the design and manufacturing departments are pretty staggering now (compared to the tire kick tests they used to), and general reports from mechanics in forums I frequent and people I meet at car meets is that a modernish JLR will keep on ticking provided they're serviced every year.

Honestly, I've been eyeing up a 2015 Jaguar F-Type for a while now. It was a £85k car depending on trimming that you can pick up for £20k now with a V6 supercharged VS. An old-school style coupe, without all the modern ADAS beeping and handholding, that will just plod away if you look after it seems very appealing.

yroc92

I had a 2015 f type. The day before it was to be transferred to the new owner, the engine smoked out on the highway. I don’t recall why, might have been an oil leak.

hollywood_court

I wish you luck. I wouldn't buy the 2015 unless they've documented the timing service and give you a warranty. And don't park it outside. I'm not exaggerating when I say (I believe I've even shared this in a previous comments years ago) that every single Jaguar I've ever serviced has had wiring damage due to rodents.

I believe it's something to do with the coating they use on their wiring and harnesses. But I never had a Jaguar in my shop that didn't suffer from some type of wiring damage as a result of rodents chewing on the wiring.

thisislife2

Isn't this common? I have had rodents eat wires in my car 3 times in the last 5 year. (It's not a Jag or LR). My friends have complained about this happening with their vehicles too. Or has there been any new development of some kind of "rodent-resistant" wiring?

frantathefranta

Upper middle class Americans are weirdly obsessed about LR, especially the new Defender. Jaguar I'm not sure how it survives (if it even really does nowadays).

taeric

Car obsession appears to be highly regional. In the Pacific Northwest, it is amusing how many Subaru vehicles you will find. To the point that it is always odd to go back to Atlanta and see how few are there. It would be interesting to see this mapped out.

For Land Rovers, specifically, I definitely recall seeing more when I lived in the south. Though, nowadays I think I notice Kia more. That is almost certainly just noticing more, though?

LtdJorge

You should visit Iceland, they're everywhere.

hollywood_court

I'm definitely biased because I own Land Cruisers, but it's wild watching people throw many away on an inferior product like the Defender. I think I'd rather have a Wrangler than a Defender and that says a whole lot.

frantathefranta

Our family has owned a '97 Defender 110 (originally bought for my parents' surveying business) for about 16 years now and I still don't understand how some people used to buy these for status. Not having owned a Land Cruiser (but am a happy owner of a Prius) or a Wrangler, I'd probably choose the Toyota over the Land Rover and leave the Jeep in the last place, though I do like the early generations.

DyslexicAtheist

the new Defender got to be the worst Land Rover ever built. It has terrible off-road capability even compared to the other (non Defender models like the Range). JLR alienated their entire existing Defender drivers where hardly any of them would buy this new model.

Granted, they also alienated their user base when the traditional TDI was replaced with the TD5 and then more alienation when they introduced the TD4.

But the latest thing (L663) has nothing in common with any of the previous models. (probably due to pedestrian safety laws becoming more strict)

rob

> the new Defender got to be the worst Land Rover ever built

No it isn't. I own a 2022 D90 P300 with 18" wheels, coils, front jump seat, everything. It's been great for ~40,000 miles. I'm constantly on dirt and rocky roads here. It's never let me down.

They're used by tons of people for offroading and modified heavily as well, with companies like Sarek, Lucky8, etc.

The only people who hate on new Defenders are the ones that love the ~25 year old versions with 200,000 miles, tons of rust, a diesel engine that can barely make it to highway speeds, and spends more time in the garage every weekend than "exploring." But hey, they're cooler than us because they work on their cars and have a manual transmission.

forinti

Does any luxury brand ever make economic sense?

It's all about status. If you want a reliable car, you buy a Toyota.

arethuza

My wife had a Toyota at one point which developed an interesting fault - all of the internal electrics would cut out at random times.

Turns out the cause was a leaking sunroof!

Water got in through the sunroof and the genius design had some kind of electric junction box (or fuses or something) at the lowest point of the passengers footwell. So water got in, flowed to where all the electrics were and things stopped working.

Fortunately it doesn't rain that often here in Scotland so it wasn't a big problem ;-)

hollywood_court

Lexus. IMHO, Lexus is the smartest vehicle purchase (other than a Toyota) that you make.

A Lexus LS and a Toyota Land Cruiser are the perfect pair of vehicles for someone to own. There will always be at least one of each in my garage.

Of course that's only true if you get the V8 modals of each. I wouldn't touch the new LS or new Land Cruiser unless they were given to me for free.

deepvibrations

Hehe, things only an American would say!

-> Reading this as a European with one small electric car, the idea that two V8 vehicles could be considered the perfect vehicle choice is quite out there!

thinkingtoilet

My father has a Lexus and the interior design and dash system are the worst I've ever seen, full stop. The weird touchpad that barely works. The sheer amount of buttons and options that 99% of people don't use 99% of the time. The way it handles maps while listening to music. The impossibility of going back and forth between sections while driving. I'm sure they're fine cars, but my god what an atrocity of user experience on the inside.

seesthruya

In my experience, and I believe surveys and statistics bear this out, the Porsche 911 is one of the most reliable vehicles on the road.

jack_tripper

>the Porsche 911 is one of the most reliable vehicles on the road

There's a joke in my country: A guy stops at a red light next to a Ferrari and asks the Ferrari driver: "Are those cars any good? Because and I don't see too many people buying them."

hollywood_court

Ha, I didn't think trolling was allowed on HN.

xbar

That has been mine.

gerhardi

I used to drive for five years (2015-2020) a 2009 naturally aspirated petrol Jaguar XF and it had zero issues except a single vacuum hose leak during my 100 000 kilometers (from 120 000 to 220 000) or so. The original rear upper wishbone arms were replaced and no more than expected normal wear & tear brake part replacements were needed. I still sometimes think that I'd like to have one again because in my opinion it was a quite nice and comfortable ride and turned out to be very good value as a used vehicle!

Maybe I had some kind of exception or are there dramatic differences between models and engines?

mtillman

My mechanic friends say the same. The Range Rover is the best looking suv imo and looks over shop time for those that can afford it. That said, no mechanical issues with my 2020 sport.

sonthonax

They’re extremely temperamental vehicles because they’re not fit for purpose.

The original Range Rover is an upmarket agricultural vehicle, and used the same platform from 1970 until the 2000s. When you actually use them as intended, for off road farm work you realise they’re better off road than they are on road.

brk

Anecdata I have a 2017 F-Type R. It's a daily driver and does not get babied. Has been essentially bulletproof, a couple of minor repairs, but nothing different than any other vehicle I have ever owned.

I've thought about replacing it, but why.

Zigurd

Ha ha, I had a Disco. It's the only vehicle I bought an extended warranty on. It's the only extended warranty I ever heard of that was worth buying. For starters: the fuel pump quit a couple blocks away from the dealership.

hollywood_court

I live ~90 minutes from Atlanta. Used 'luxury' autos would start showing up on used car lots around Atlanta as soon as their manufacturer's warranty expired.

I had scores of customers who would test drives these vehicles (Usually a LR, a Mini, a V8 Audi, or a V8 BMW) and bring them all the way to me for prepurchase inspections. I would tell them every single time "do not buy this vehicle." Then they would buy it and my employees and I would wager on how long it took the vehicle to be towed in for repairs.

And the type of people who buy used luxury vehicles from lots in Atlanta are also the type of people that cannot afford any repairs. So I ended up with many abandoned LRs, Audis, Minis, and BMWs all over my lot. Then I had to jump through all of the hoops to get the titles and have them sold and towed away.

philipwhiuk

I don't really understand how that's possible.

Here's the press release from the organisation which might be a better link: https://cybermonitoringcentre.com/2025/10/22/cyber-monitorin...

> This estimate is based on the information available as of 17 October and represents scenario-based analysis rather than confirmed operational data

aquir

Same thing happened with all companies where the IT/ERP has been outsourced to Tata Consulting Services to India...JLR, Marks and Spencer, Co-Op etc.

eightman

British Airways as well. N

Mistletoe

> In 2023, as part of an effort to "accelerate digital transformation across its business", JLR signed a five-year, £800m deal with corporate stablemate Tata Consultancy Services to provide cybersecurity and a range of other IT services.

I found this hilarious in another article. Lol so you sold the company to India Tata Motors and then you went full incest and had your IT done by Tata Consultancy Services.

thelastgallon

> India's Tata Motors

So, all 'tech' is done by TCS?

crazygringo

What was the purpose of the hack?

Was it ransom they declined to pay? Did the hackers do it for the lulz? Was a nation-state testing out their capabilities?

null

[deleted]

Mgtyalx

Does anyone know how the attack was carried out?

criddell

Unless the hack was built on zero-days, I don't like the framing of the hack costing the UK economy billions.

The headline should be "Land Rover's Poor Cybersecurity and ITSEC Practices Cost UK Economy Billions", or something like that.

Noumenon72

"Victim's Lack of Martial Arts Training Caused Murder"

fuzzzerd

It works both ways, "Folks mad at bank for leaving the vault open."

eptcyka

"Victim's Lack of Locks Caused Burglary" "Victim's 3$ Padlock Invited Break In"

giuliomagnifico

There aren’t many details available yet, but you can find some information here: https://treblle.com/blog/jlr-breach-breakdown-analysis

The main issue appears to be that the attack crippled JLR’s internal systems and production databases, preventing them from manufacturing new cars because they cannot properly track parts or generate serial numbers.

I’ve also read reports claiming that around 40k vehicles have already been built but are now essentially “ghost cars” since they aren’t registered in the system.

Imagine what would happen if JLR had to issue a safety recall without knowing which components are installed in which vehicles.

alistairSH

Did they not have a disaster recovery plan in place? It's not amazing that they got hit with a breach. It's amazing that they couldn't just "nuke from orbit" and start with a day-old snapshot (yeah, that's massively oversimplified, but still, it shouldn't take months and $billions$ to recover either).

And that 40k ghost car doesn't sound realistic. LR only makes ~400k vehicles/year. That 10% of their annual output got "lost" beggars belief.

onionisafruit

to paraphrase mike tyson, everybody has a disaster recovery plan until they get punched in the face

DyslexicAtheist

some info here https://www.cyfirma.com/research/investigation-report-on-jag...

> The breach was enabled through stolen Jira credentials harvested via Infostealer malware, a known hallmark of HELLCAT’s operations. The exposed data includes development logs, tracking information, source code, and a large employee dataset with usernames, email addresses, display names, and time zones. The presence of verified employee information from JLR’s global workforce raises significant concerns about identity theft and targeted phishing campaigns.

then

> the JLR breach escalated when a second threat actor, “APTS,” appeared on DarkForums on March 14, 2025. APTS claimed to have exploited Infostealer credentials dating back to 2021, belonging to an employee who held third-party access to JLR’s Jira server. Using these compromised credentials, the actor gained entry and shared a screenshot of a Jira dashboard as proof. APTS also leaked an additional tranche of sensitive data, estimated at around 350 GB, which contained information not included in Rey’s original dump, further amplifying the scale and severity of the breach.

ZiiS

If you wanted to shut down the line to create maneuvering room as US exports are blocked by tariffs. You could either just do it and take a massive political hit and sour relations with suppliers, or you can get a cheep 1.5 billion pound loan...

georgefrowny

[dead]