{"id":395114,"date":"2025-09-03T17:44:18","date_gmt":"2025-09-03T17:44:18","guid":{"rendered":"https:\/\/www.europesays.com\/uk\/395114\/"},"modified":"2025-09-03T17:44:18","modified_gmt":"2025-09-03T17:44:18","slug":"hackers-who-hit-ms-claim-responsibility-for-jlr-cyber-attack","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/uk\/395114\/","title":{"rendered":"Hackers who hit M&#038;S claim responsibility for JLR cyber attack"},"content":{"rendered":"<p>The group that hacked Marks &amp; Spencer earlier this year has claimed responsibility for the cyber attack on JLR that\u00a0has caused production shutdowns and sales stoppages.<\/p>\n<p>Scattered Spider hit the British retailer\u00a0in May, causing seven weeks of disruption and costing \u00a3300 million\u00a0in lost operating profit.<\/p>\n<p>Along with fellow\u00a0hacking group Shiny Hunters, it claims to have obtained customer data after exploiting a similar\u00a0flaw in JLR\u2019s IT system, <a href=\"https:\/\/www.telegraph.co.uk\/business\/2025\/09\/03\/ms-hackers-claim-responsibility-jaguar-land-rover-attack\/\" target=\"_blank\" rel=\"noopener\">The Telegraph<\/a>\u00a0reports.<\/p>\n<p>The claim\u00a0was made on a Telegram messenger group, where a user linked to the hackers\u00a0posted a screenshot of what appeared to show JLR&#8217;s internal system.<\/p>\n<p>A member of the group told The Telegraph that a well known flaw in SAP Netweaver &#8211; third-party software used by JLR &#8211; was exploited to access the\u00a0data.<\/p>\n<p>US cyber agency CISA warned about the flaw earlier this year. An update for the software was released, but whether JLR applied it is unknown.<\/p>\n<p>It&#8217;s also not known what data was taken or if a ransom demand has been made.\u00a0<\/p>\n<p>JLR told Autocar in a statement yesterday that \u201cthere is no evidence any customer data has been stolen\u201d.<\/p>\n<p>It refused to comment on the latest claims today (Wednesday).<\/p>\n<p>The hack has caused three days of sales and production issues which have \u201cseverely disrupted\u201d JLR&#8217;s operations.<\/p>\n<p>In an effort\u00a0to combat the hack, JLR began\u00a0\u201cshutting down our systems\u201d on Tuesday\u00a0and is now in the process of rebuilding them.<\/p>\n<p>This shutting down of systems has led to a halt of production at both Halewood and Solihull, where the\u00a0<a href=\"https:\/\/www.autocar.co.uk\/car-review\/land-rover\/range-rover\" target=\"_blank\" rel=\"noopener\">Range Rover\u00a0<\/a>and\u00a0<a href=\"https:\/\/www.autocar.co.uk\/car-review\/land-rover\/range-rover-sport\" target=\"_blank\" rel=\"noopener\">Range Rover Sport<\/a>\u00a0are built.\u00a0<\/p>\n<p>JLR was also unable to confirm a timescale for the fix, but it&#8217;s understood that the hack could continue to cause disruption for the rest of the week.<\/p>\n<p>According to The Telegraph, the hacking groups are believed to be\u00a0made up of teenagers from English-speaking countries.<\/p>\n<p>Autocar\u00a0first reported the issues affecting JLR on Monday, when dealers\u00a0couldn&#8217;t register new cars\u00a0on\u00a0&#8216;new plate\u00a0day&#8217; (1 September), traditionally one of the year&#8217;s busiest for registrations.<\/p>\n<p>To combat the delays, the registering of cars is now being carried out by hand, a JLR dealer revealed to Autocar on Wednesday.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"The group that hacked Marks &amp; Spencer earlier this year has claimed responsibility for the cyber attack on&hellip;\n","protected":false},"author":2,"featured_media":395115,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[51,16,15],"class_list":{"0":"post-395114","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"tag-business","9":"tag-uk","10":"tag-united-kingdom"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@uk\/115141611635660085","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/395114","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/comments?post=395114"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/395114\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media\/395115"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media?parent=395114"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/categories?post=395114"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/tags?post=395114"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}