Jaguar Land Rover, the British luxury automaker owned by India’s Tata Motors, has extended its production shutdown for at least another week, pushing the pause into a fourth week amid an ongoing investigation into a cyberattack that crippled its operations. The company announced Tuesday that factories in the U.K. and Slovakia will remain idle until at least Oct. 1, as teams work to restore IT systems taken offline following the breach detected on Sept. 1.

The cyber incident, which JLR has described as a “significant” threat, forced the immediate halt of global production lines, affecting models like the Range Rover and Defender. Insiders familiar with the matter say the attack targeted critical supply chain and manufacturing software, leading to a precautionary shutdown to prevent further compromise.

The Ripple Effects on Supply Chains and Workforce

This extension marks the latest in a series of delays, with initial hopes for a quick recovery dashed by the complexity of the breach. According to reports from TechCrunch, the company is losing an estimated millions of pounds per week, with analysts projecting total costs could exceed £100 million if the outage persists. Suppliers, many of whom rely on JLR for a significant portion of their business, are facing mounting pressures, with some warning of potential collapses without resumed orders.

JLR employs around 40,000 people globally, and the prolonged halt has left thousands of workers in limbo, with production staff instructed to stay home. The automaker has emphasized its commitment to paying employees during the downtime, but the uncertainty is straining morale and local economies in manufacturing hubs like Solihull and Halewood.

Investigating the Cyber Threat and Response Strategies

Cybersecurity experts brought in to assist include specialists from Deloitte and other firms, working alongside U.K. authorities to trace the attack’s origins. A hacker group calling itself “Scattered Lapsus$ Hunters” has claimed responsibility, per details shared in The Economic Times, though JLR has not confirmed this. The breach highlights vulnerabilities in the automotive sector’s increasingly digitized supply chains, where just-in-time manufacturing leaves little room for disruptions.

In response, JLR is accelerating efforts to rebuild and secure its networks, including implementing enhanced firewalls and multi-factor authentication across systems. Company spokespeople have reiterated that customer data appears unaffected, but the focus remains on safely restarting assembly lines without risking further intrusions.

Broader Industry Implications and Financial Fallout

The shutdown comes at a critical time for JLR, which is navigating a transition to electric vehicles amid slumping sales in key markets. Data from The Guardian indicates that September is a peak month for new car registrations in the U.K., amplifying the revenue hit. Tata Motors’ stock has dipped in recent weeks, reflecting investor concerns over the subsidiary’s performance.

For the wider auto industry, this incident underscores the growing threat of cyberattacks, with recent examples like the 2024 breach at Toyota serving as stark reminders. Analysts at Yahoo Finance suggest JLR’s experience could prompt peers to invest more heavily in cyber defenses, potentially reshaping how manufacturers integrate technology into operations.

Path Forward Amid Uncertainty

As JLR pushes toward an Oct. 1 restart, contingency plans include sourcing alternative parts and ramping up production at unaffected facilities. However, experts warn that full recovery could take months, with lingering effects on delivery timelines for dealers and customers worldwide.

The episode also raises questions about corporate resilience in an era of sophisticated digital threats. With geopolitical tensions heightening cyber risks, JLR’s handling of this crisis may set precedents for how global firms balance speed and security in their recovery efforts, influencing strategies across the sector.