Jagar Land Rover confirms ‘data affected’ in cyber prang • The Register
Jaguar Land Rover (JLR) says “some data” was affected after the luxury car maker suffered a digital break-in early last week.
Cybercrooks ripped the wheels off at Jaguar Land Rover. Here’s how not to get taken for a ride
The Tata-owned automaker said on September 2 it had shut down its systems to mitigate the impact of the “incident” and claimed there was “no evidence” of data theft, although its retail and production activities have been severely dented.
Four days later, it apologized for the continued disruption amid ongoing efforts to kickstart systems, thanking staff, customers, and suppliers for their patience. Retail partners were still open for business, it added.
However, in the latest update today, JLR confirmed that the situation was rather worse than initially estimated. A spokesperson said in a statement: “As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators. Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted.”
JLR did not identify the type of data affected. “We are very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses,” the company said.
Along with third-party cybersecurity specialists who are combing through the wreckage, JLR says it is still “working around the clock… to restart our global applications in a controlled and safe manner.”
Employees have been asked to remain at home since the attack was made public and are not expected to return until at least next Monday, according to some reports.
Sources told us they were unable to service their JLR cars last week due to the systems being taken offline. One said it related to parts ordering and diagnostic services. “At over a grand for a swift oil change, it would be nice if they could keep their IT systems secure,” the customer quipped.
Scattered Spider is suspected to be behind the digital heist, the same ransomware crew that caused mayhem for months at Marks & Spencer, a UK retail chain that was attacked in April. The criminals now appear to be collaborating with ShinyHunters and Lapsus$.
In addition to retailers, Scattered Spider has also turned its evil eye on insurers and airlines. ®
