Jaguar Land Rover (JLR) has admitted that the recent cyberattack, which caused factory shutdowns, also resulted in data being compromised.
The incident came to light in early September, when the British carmaker, which is owned by India’s Tata Motors, announced severe disruptions to dealership and manufacturing operations.
The cyberattack forced the company to disconnect some systems, which led to factories in the UK, China, Slovakia and India getting shut down and workers being instructed to stay at home.
Two days ago, JLR said it extended the shutdown of manufacturing facilities as it had been working on restoring systems impacted by the cyberattack.
The company has now revealed in a statement posted on its website that the cyberattack has resulted in a data breach. However, it has not shared any information on what type of data might have been stolen by the hackers.
“As a result of our ongoing investigation, we now believe that some data has been affected and we are informing the relevant regulators,” JLR said. “Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted.”
The notorious Scattered Spider cybercrime group has taken credit for the attack on JLR. The threat actor was also linked to recent attacks against major UK retailers, as well as several other industries worldwide.
This appears to be the second cyberattack that hit JLR this year. In March, the Hellcat ransomware group claimed to have stolen hundreds of gigabytes of data from the carmaker.
Related: Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking
Related: Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft
Related: Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack
