UK government bails out Jaguar Land Rover with £1.5B loan after hack disrupts vehicle production for weeks

The UK government has approved a £1.5 billion ($2 billion) bailout loan for Jaguar Land Rover (JLR) after a major cyberattack forced the automaker to halt production for several weeks, crippling its supply chain and threatening the stability of hundreds of downstream suppliers.

In a statement released Sunday, ministers said the government-backed loan will “bolster JLR’s cash reserves so it can support its supply chain which has been greatly impacted by the shutdown.” The automaker will have five years to repay the loan.

Supply Chain Impact

JLR’s production halt has had a ripple effect across the UK automotive sector, particularly for small and mid-sized suppliers reliant on the company’s operations. The government estimated that around 120,000 workers depend on the wider JLR supply network for employment and stability.

According to BBC News, this is believed to be the first instance of government financial aid granted to a private company following a cyberattack.

Details of the Cyberattack

JLR shut down its IT network on August 31 after detecting a breach by hackers believed to be linked to a financially motivated cybercrime group responsible for similar attacks on the UK retail sector.

The company later confirmed that some internal data had been stolen and ordered employees to stay home while systems were rebuilt. The disruption is estimated to have cost JLR around £50 million.

Despite the loss, JLR — owned by India-based Tata Motors — reported a pre-tax profit of £2.5 billion for 2024, suggesting it has the financial capacity to recover from the incident.

Insurance and Cybersecurity Concerns

According to industry outlet The Insurer, JLR did not hold cybersecurity insurance, which could have mitigated some of the financial damage caused by the breach.

The bailout has drawn mixed reactions from security experts, who warn it could set a risky precedent, potentially encouraging future cyberattacks by signalling that the government may step in to rescue companies with weak cybersecurity defences.

JLR also faces criticism for its outsourcing strategy. In the years preceding the attack, the company had outsourced its cybersecurity operations to Tata Consultancy Services (TCS), the IT and tech support arm of Tata Motors.

TCS, which manages IT systems for numerous global clients, is also believed to have been the entry point for recent breaches affecting Marks & Spencer and The Co-op, two major UK retailers targeted by the same hacking group, according to the BBC.

Recovery Efforts Underway

In a statement on Monday, JLR said it expects to resume vehicle production “in the coming days”, though the automaker has missed multiple recovery deadlines since the initial shutdown.

The attack — and the government’s unprecedented financial intervention — have sparked ongoing debate about cyber resilience in critical industries and the need for stronger national security policies to protect the UK’s manufacturing base.