Jaguar Land Rover (JLR) has now officially acknowledged that data was compromised during the recent cyberattack that forced the company to halt production and disrupted global sales operations for over ten days.
The admission comes after mounting speculation and operational paralysis that has yet to be resolved.
In an update posted to its website today, JLR stated that some data had indeed been affected by the incident and that relevant regulators are being notified. The company also noted that its forensic investigation is ongoing and promised to notify individuals directly if their personal data was involved. While no further details were provided about the type or scope of the compromised data, this marks a significant shift from the company's initial position, which suggested there was no evidence of data exfiltration.
At this stage, it is unclear what the compromised data might comprise and whether sensitive customer information was exposed during the cyberattack.
The breach was first reported on September 2, when multiple dealerships across the UK experienced system outages that disrupted new vehicle registrations during one of the industry's busiest sales periods. JLR responded by shutting down its internal IT systems to contain the threat, resulting in halted production lines and suspended sales operations across multiple regions.
Jaguar Land Rover is a UK-based luxury vehicle manufacturer and a wholly owned subsidiary of Tata Motors. Known for its premium Jaguar and Land Rover marques, JLR maintains a vast global footprint that includes manufacturing plants, engineering centers, and software hubs across Europe, North America, and Asia.
Internally, the disruption has brought production at major plants to a near-total standstill. Staff have reportedly been unable to access essential enterprise applications, logistics systems, and supplier portals, with no public estimate on when normal operations will resume.
Meanwhile, the hacking group known as Scattered Lapsus$ Hunters has been claiming responsibility for the attack on Telegram, boasting for several days that they have exfiltrated internal data from JLR. The company hasn't confirmed SLH's involvement as of yet, and has not disclosed the initial attack vector, whether ransomware was deployed, or if a ransom demand has been made. However, given the prolonged outage and total shutdown of backend infrastructure, there's speculation that the attackers may have gained domain-wide access or deployed data-encrypting payloads that severely impede recovery efforts.
As of September 10, production lines at multiple JLR factories remain inactive, with employees told to stay at home until further notice.
这篇文章写得很及时,详细报道了Jaguar Land Rover的数据泄露事件,让我对当前供应链安全的威胁有了更深的认识。希望后续能提供更多关于攻击细节和防范措施的信息。