Jaguar Land Rover sees surge in sales after cyber attack halted production

British carmaker Jaguar Land Rover says its worldwide sales grew 61 percent in a quarter after it recovered from a significant cyber attack that forced it to halt production for nearly six weeks in 2025.

 

The company announced its retail and wholesale performance for the fourth quarter of financial year 2026 on Thursday, announcing strong quarter-to-quarter growth in vehicle sales, even though a series of disruptions, such as the cyber attack, a dwindling market in China, and the planned wind down of legacy Jaguar models impacted year-to-year performance.

 

The luxury carmaker recorded 92,700 vehicle sales in the fourth quarter, up 16.2 percent from Q3, but its annual numbers were down 14.3% year‑on‑year. Similarly, wholesales in Q4 grew by 61.1 percent compared to Q3 but fell 14.5 percent compared to the same quarter in financial year 2025. Overall sales in 2026 at 307,900 units were 23.2 percent less than the numbers sold in the previous year.

 

The quarterly figures come as a boost for the struggling carmaker whose Q3 figures had revealed a pre-tax loss of £310 million and a 39.4 percent drop in revenue. The company’s sales in the quarter dropped by 64.4 percent in North America, 46 percent in China and 47.6 percent in Europe.

 

"Q3 was a challenging quarter for JLR with performance impacted by the production shutdown we initiated in response to the cyber incident, the planned wind down of legacy Jaguar and US tariffs," said JLR chief executive officer PB Balaji. "Thanks to the commitment of our dedicated teams, we returned vehicle production to normal levels by mid‑November, and we are focused on building our business back stronger."

 

The cyber attack, which Jaguar Land Rover revealed in August, forced the company to shut down multiple systems, including those at the Solihull production plant where popular models like the Land Rover Discovery, Range Rover, and Range Rover Sport were built. The attack also disrupted dealers’ ability to register new vehicles or supply parts at service centres.

 

The attack was claimed by the Scattered Lapsus$ Hunters hacking group, which said it exploited stolen Atlassian JIRA credentials obtained over several years through malware infections and phishing campaigns targeting Jaguar Land Rover employees. According to reports, the hackers allegedly exfiltrated up to 350GB of sensitive data, including source code, proprietary documents, and employee information, which was later leaked on dark web forums.

 

Cyber security company Cyber Monitoring Centre later revealed that the cyber attack on JLR cost the UK economy approximately £1.9 billion. CMC described the incident as “the most economically damaging cyber event” to ever impact the United Kingdom.