After the company’s global production lines were crippled, a group of young English-speaking hackers has claimed responsibility for the cyber attack that has paralysed Jaguar Land Rover’s business chain.
A group of young English-speaking hackers has claimed responsibility for a cyber attack that has paralysed Jaguar Land Rover’s global production lines.
The gang, calling themselves Scattered Lapsus$ Hunters, has been boasting about the breach on the encrypted messaging app Telegram, where they have posted screenshots apparently taken from inside the carmaker’s IT systems.
Jaguar Land Rover, which is owned by Tata Motors, said it was aware of the claims and was investigating.
Production at its Halewood plant in Merseyside and its Solihull site in the West Midlands has been heavily disrupted since the attack was discovered on Sunday.
On Telegram, the hackers taunted the company, writing: “Where is my new car, Land Rover?”
In private text conversations with a journalist at the BBC, one individual claiming to be a spokesperson for the group explained how they allegedly gained access to the firm’s networks.
They suggested the gang is now attempting to extort money from the manufacturer but declined to say whether customer data had been stolen or malicious software installed.
The hackers have shared two images they say prove their access – one showing internal instructions for troubleshooting a charging issue, another containing apparent computer logs.
While they offered no further evidence, security researcher Kevin Beaumont said: “Based on the information provided by the attackers and open source intelligence, the attack has access to JLR’s internal systems and network.”
The Information Commissioner’s Office confirmed it had been notified.
A spokesperson said: “Jaguar Land Rover has reported an incident and we are assessing the information provided.”
Jaguar Land Rover said in a statement: “We took immediate action to mitigate its impact by proactively shutting down our systems.
“We are now working at pace to restart our global applications in a controlled manner. At this stage there is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted.”
The hackers say their name reflects the merging of various youth-led cyber groups associated with a network known as The Com.
Their Telegram channel has attracted nearly 52,000 subscribers, though it is the fourth such channel after earlier versions were shut down.
The new group is said to bring together elements of Shiny Hunters, Lapsus$ and Scattered Spider.
The latter has previously claimed responsibility for attacks on retailers including Marks Spencer, Co-op and Harrods earlier this year.
In July, the National Crime Agency announced that four people had been arrested in connection with such attacks – a 20-year-old woman in Staffordshire, and three males aged between 17 and 19 in London and the West Midlands. All were later released on bail.
Group of young English-speaking hackers claim responsibility for Jaguar Land Rover cyber attack
