LONDON: British luxury carmaker Jaguar Land Rover (JLR) is facing a serious crisis after confirming that payroll and personal data of thousands of current and former employees was stolen during a large-scale cyber attack that struck the company in August 2025. Following the disclosure, the company has warned employees to remain alert against identity theft and financial fraud.
According to JLR, hackers gained unauthorised access to highly sensitive employment-related information, including data linked to salary payments, staff benefits and human resources records. The company currently employs over 38,000 people worldwide, while records of former employees were also affected by the breach.
First official admission of personal data theft
This marks the first time Jaguar Land Rover has publicly acknowledged that personal employee data was stolen during the cyber attack. Earlier communications from the company had focused largely on the operational disruption, which forced JLR to halt vehicle production for several weeks across its facilities.
In an internal communication to employees, the company said that forensic investigations revealed unauthorised access to payroll administration systems, including information relating to salaries, pensions, benefit schemes and dependents. However, JLR has stated that there is currently no evidence that the stolen data has been misused or published.
Type Of Data At Risk
Payroll databases typically contain bank account numbers, national insurance numbers, tax codes, salary details and residential addresses. While JLR has not specified exactly which data fields were compromised, cybersecurity experts note that such information significantly increases the risk of identity fraud, phishing attacks and financial scams.
The company has advised employees to remain cautious of suspicious emails, phone calls and fraudulent messages, and to strengthen passwords across all digital platforms.
Two-Year Credit and Identity Monitoring Support
In response to the breach, JLR has announced that it will provide two years of free credit and identity monitoring services to affected employees and former staff. A dedicated helpline has also been established to assist those seeking guidance or reporting suspicious activity. A company spokesperson said:
“Following the safe and successful restart of global vehicle manufacturing, the forensic investigation into the cyber incident continued. From this ongoing investigation, JLR believes that certain data relating to current and former employees and contractors was affected.”
Regulators Informed, Probe Underway
The UK’s data protection watchdog, the Information Commissioner’s Office (ICO), confirmed that JLR has formally reported the data breach. The regulator has initiated enquiries and sought detailed information from the company regarding the scale of the breach and the safeguards in place.
Wider Economic Fallout
The cyber attack had consequences extending far beyond Jaguar Land Rover. The company stated that nearly 5,000 supplier and partner organisations were impacted by the disruption. The total economic cost of the incident is estimated at approximately ₹20,000 crore.
Official data indicates that the incident contributed to a 0.1 per cent contraction in the UK economy in September 2025, highlighting the systemic impact of cyber incidents on critical manufacturing sectors.
JLR has disclosed that the attack resulted in a quarterly sales decline of around ₹15,750 crore, along with exceptional costs of approximately ₹2,060 crore related to recovery, system restoration and security enhancements.
Hacking Group Claims Responsibility
The cyber attack has been claimed by a hacking group known as “Scattered Lapsus Hunters”, which has previously been linked to cyber intrusions at major retail brands including Marks & Spencer and Co-op. While the group has alleged that customer data was also stolen, Jaguar Land Rover has not confirmed any breach of customer information.
The company has reiterated that investigations are ongoing and said it will continue to update employees, regulators and stakeholders as further findings emerge.
