Range Rover Owner Counts Cost of Crippling Cyberattack
Jaguar Land Rover slumps to quarterly loss after hack halted production
- Jaguar Land Rover reported a quarterly loss of almost $750 million, a significant swing from a $375 million profit in the same period last year.
- The cyberattack that halted Range Rover production for over a month led to more than $250 million in one-time costs.
- Retail sales at Jaguar Land Rover decreased by 17% year over year for the affected quarter.
A cyberattack that halted Range Rover production for more than a month cost the SUV brand’s owner big time.
Jaguar Land Rover said Friday it swung to a quarterly loss of almost $750 million after stopping its assembly lines in September to manage a debilitating hack. In the same period last year JLR made roughly $375 million in profit. The reversal reflects a dramatic decline in revenue as well as more than $250 million in one-time costs associated with the incident.
The attack is likely the most costly of a series of cyberattacks targeting some of the U.K.’s best-known businesses this year. It also took its toll on the British economy. A sharp fall in car production hit U.K. economic growth in September, official data showed Thursday.
“It is honestly like nothing else I’ve experienced,” said Chief Financial Officer Richard Molyneux on a call with reporters. “We went through a really massive learning curve.”
The suspension of assembly lines at JLR hit a diffuse network of suppliers, many of them small and financially fragile, that ship parts to its factories. In late September, the U.K. government guaranteed up to roughly $2 billion in loans to the automaker, giving it the firepower to pay suppliers up front during the restart phase.
JLR started to resume operations on Oct. 7, beginning with its engine plant and stamping presses. The company said Friday its operations were almost back to normal.
Molyneux said there would be further costs associated with the hack in the current quarter, even as the company works to make back some of the sales lost during the shutdown.
“Some of the volume we’ll get back. Some of it we will not, given the state of global demand and competitor oversupply,” he said.
Dealers kept some Land Rover sales to customers going in September by resorting to manual sales processes for vehicles shipped before the shutdown. Retail sales in the quarter fell 17% year over year.
Hackers belonging to a trio of infamous cybercriminal groups—Lapsus$, ShinyHunters and Scattered Spider—appeared to claim responsibility for the JLR hack. The company declined to comment on the live criminal investigation.
Members of the groups are also suspected to be behind attacks perpetrated earlier this year on Marks & Spencer and other U.K. retailers, including posh department store Harrods.
M&S, one of the country’s largest retailers, shut down its online store for weeks in the spring as it dealt with a cyber incident. The company initially estimated the impact on its operating profit at the equivalent of almost $400 million, though an insurance claim ended up covering roughly a third of that amount.
For JLR, the hack came at a difficult moment. President Trump’s trade policy has increased the tariffs due on the vehicles the automaker ships to the U.S., its largest market. The company reported quarterly costs of almost $100 million associated with higher U.S. duties.
JLR, which is owned by India’s Tata Motors, has also been winding down legacy models of its Jaguar brand ahead of a complete relaunch next year.
Meanwhile, the company is undergoing a leadership transition, with Tata Motors Chief Financial Officer P.B. Balaji set to succeed JLR lifer Adrian Mardell as CEO later this month.