BBC – Jaguar Land Rover (JLR) has said its UK factories will remain closed until next week after the carmaker was hit by a cyber attack at the end of last month.
Production halted at the plants in Solihull, Halewood and Wolverhampton with workers sent home following the hack, which came to light on 1 September.
The company, which usually builds 1,000 cars a day, conceded some data had been impacted but it is not yet clear who is affected such as customers, suppliers or JLR itself.
Staff have been told not to come into work until Wednesday at the earliest, which means more than two full weeks of global output will have been lost.
Following the cyber attack, JLR shut down its IT networks in order to protect them from damage.
However, because modern factories and parts supply networks are highly automated, this meant the manufacturer had to shut down its production lines.
Dealerships were left unable to sell cars at what is usually one of the busiest periods of the year, and garages which service JLR vehicles initially struggled to obtain the parts they needed.
Workarounds have since been introduced, which have improved the situation but disruption is continuing.
JLR’s suppliers have also been badly affected.
On Wednesday, the company, which is owned by India’s Tata Motors, admitted data might have been stolen or viewed by third parties in the hack.
In a statement, the carmaker said: “As a result of our ongoing investigation, we now believe that some data has been affected, and we are informing the relevant regulators.
“Our forensic investigation continues at pace, and we will contact anyone as appropriate if we find that their data has been impacted.”
A group calling itself Scattered Lapsus$ Hunters, which was behind cyber attacks on UK retailers including M&S earlier this year, has claimed responsibility for the JLR hack.
M&S’s operations were affected for a number of months, stopping customers from ordering online and costing the High Street retailer £300m.
Last week, the Information Commissioner’s Office told the BBC that JLR had reported an incident to the UK’s data watchdog.
Business minister Chris Bryant met JLR’s chief executive Adrian Mardell on Thursday morning and the Department of Business and Trade has said it is speaking to the company on a daily basis.
On Tuesday, Bryant told MPs that the National Cyber Security Centre, part of the intelligence agency GCHQ, had been working with JLR since the early stages of the incident.
Local MPs are due to be briefed by the company during an online call on Friday.
