Jaguar Land Rover profit slumps after cyber attack | Computer Weekly

Jaguar Land Rover (JLR) continues to face financial fallout from the devastating 2025 cyber attack on its systems, with sales and profits dropping precipitously during the final quarter of its financial year, even as vehicle production returned to normal.

Describing a challenging year in which it faced multiple headwinds – the wind-down of its legacy vehicles, a more competitive market in China, and US tariffs also compounded the veteran carmaker’s struggles – JLR said fourth-quarter revenues were down 11% year-on-year to £6.9bn, and 21% for the full year to £22.9bn.

Pre-tax profit for the three months to 31 March fell by 48% to £458m, and for the full year by 82% to £2.5bn.

“We recovered well in the fourth quarter as production returned to normal levels, demonstrating the commitment of our people, suppliers and retail partners,” said JLR chief executive PB Balaji, who was parachuted in by JLR parent Tata Motors in November 2025.

“As we look ahead into FY27, we are focused on driving growth … and reducing our break‑even volumes whilst we launch a slew of exciting products,” he said.

The cyber attack on JLR’s systems unfolded in August 2025, and was one of a number of serious incidents linked to the ShinyHunters hacking collective and associated groups that unfolded during 2025 and continues to this day.

JLR had switched off its production lines for around a six-week period in the wake of the cyber attack, with Westminster forced to step in to cover the beleaguered company with a £1.5bn loan guarantee, after the disruption started to spread through its supply chain.

Based on its “hurricane scale” cyber attack matrix, the UK’s Cyber Monitoring Centre has classified the JLR cyber attack as a Category 3 Systemic Event and set the wider economic cost of incident at somewhere between £1.6bn and £2.1bn – and potentially up to £5bn – with almost 3,000 distinct UK organisations potentially affected.

Talion CEO Keven Knight said the losses stemming from the JLR cyber attack would have killed off most businesses.

“The figures will likely be a huge concern for other business leaders as they demonstrate the very real and expensive consequences of attacks,” he said.

“However, recent figures from the UK government’s Cyber Security Breaches survey revealed that only 31% of businesses have board members or trustees taking explicit responsibility for cyber security as part of their job,” said Knight. “This figure is far too low.

“With cyber attacks having the ability to significantly impact an organisation’s annual turnover, this means security must be a board priority,” he said. “Boards have a duty to steer their organisations safely and successfully, but this can’t be achieved when they completely overlook cyber security.

“Hopefully these figures act as a catalyst for organisations to improve their defences, because no business leader wants to find themselves in a position where they are reporting millions in losses to investors in their next annual report,” said Knight.