Jaguar Land Rover Faced a Major Cyber Attack Claiming Payroll Data Theft

“A major cyber attack happened at Jaguar Land Rover, reports say, a payroll data theft.”

Jaguar Land Rover (JLR), a British luxury carmaker, has confirmed that thousands of present and past employees’ payroll and personal information were taken during a massive cyberattack that occurred in August 2025. This has put JLR in a dire situation.

The business has advised staff members to stay vigilant against financial fraud and identity theft in the wake of the revelation.

Jaguar Land Rover

The first formal acknowledgement of theft of personal data

This is the first time Jaguar Land Rover has admitted in public that the cyberattack resulted in the theft of sensitive employee data. The operational disruption that compelled JLR to cease vehicle production across all of its facilities for several weeks was the main topic of the company’s earlier communications.

The corporation informed staff members internally that forensic investigations had uncovered unauthorized access to payroll administration systems, which contained data about salary, pensions, benefit plans, and dependents.

But according to JLR, there isn’t any proof yet that the stolen information has been exploited or made public.

Data Type at Risk

Bank account numbers, national insurance numbers, tax codes, salary information, and residential addresses are frequently found in payroll databases. Cybersecurity experts point out that such information greatly raises the risk of identity fraud, phishing attempts, and financial fraud, even if JLR has not stated which specific data fields were hacked.

Employees have been cautioned by the corporation to strengthen their passwords on all digital platforms and to be wary of dubious emails, phone calls, and fraudulent communications.

Support for Credit and Identity Monitoring for Two Years

In reaction to the hack, JLR has declared that impacted employees and former employees will receive free credit and identity monitoring services for two years. Additionally, a separate helpline has been set up to help anyone who needs advice or wants to report suspicious activities.

Company Spokesperson

Regulators Notified, Investigation Underway

JLR has officially disclosed the data breach, according to the Information Commissioner’s Office (ICO), the UK’s data protection agency. The regulator has started investigations and asked the company for specific details about the extent of the breach and the security measures in place.

Greater Economic Repercussions

The ramifications of the cyberattack went much beyond Jaguar Land Rover. According to the corporation, the outage affected about 5,000 partner and supplier organizations. An estimated ₹20,000 crore is the incident’s entire economic cost.

Official Figures

The Hacking Group Takes Accountability

A hacker collective known as “Scattered Lapsus Hunters,” which has previously been connected to cyber incursions at significant retail brands like Marks & Spencer and Co-op, has claimed responsibility for the cyberattack.

Jaguar Land Rover has not verified any breach of consumer information, despite the group’s claims that customer data was also stolen. The business has reaffirmed that investigations are still ongoing and promised to keep stakeholders, employees, and regulators informed as new information becomes available.

About The Author

Suraj Koli is a content specialist in technical writing about cybersecurity & information security. He has written many amazing articles related to cybersecurity concepts, with the latest trends in cyber awareness and ethical hacking. Find out more about “Him.”

Read More:

Sites Leaking Indians’ Personal Data Concerned MeitY Alarming VPN Providers

About Author

daksh kataria

See author's posts