The Solihull plant, where SUVs like the Range Rover and Range Rover Sport are produced, is also affected. The company has refused to comment on the extent of the attack but stated it began to “shut down systems” on Tuesday and is currently engaged in their restoration. Deadlines for resolving the problem have not yet been set.
The failure in JLR’s IT systems has also significantly complicated the work of the dealers: They cannot order spare parts through the official software and in some cases cannot even hand over vehicles to customers. Cars need to be registered manually by contacting the UK’s Driver and Vehicle Licensing Agency (DVLA). However, this week the brand managed to register around 6000 vehicles.
The issues became known on September 1 - the day of the license plate changes, which traditionally is one of the busiest for the automotive market in the UK. The group Scattered Spider claimed responsibility for the cyberattack. Previously, the same hackers attacked the retailer Marks & Spencer, leading to a seven-week disruption and losses of 300 million pounds.
According to The Telegraph, the group Shiny Hunters joined in on the hack. The attackers claim to have gained access to the car manufacturer’s internal systems by exploiting a vulnerability in the SAP Netweaver software. The US Cybersecurity and Infrastructure Security Agency (CISA) had warned about this security leak and an update was released. However, it is unclear whether the company JLR installed it.
According to The Telegraph, the mentioned hacker groups consist of teenagers from English-speaking countries.
In an official statement, JLR emphasized that it found no data leak of customer data. The company has taken immediate action to mitigate the impact of the attack by proactively shutting down systems. JLR is now working to restart global applications in a controlled manner.
Source: Autocar