The group that hacked Marks & Spencer earlier this year has claimed responsibility for the cyber attack on JLR that has caused production shutdowns and sales stoppages.
Scattered Spider hit the British retailer in May, causing seven weeks of disruption and costing £300 million in lost operating profit.
Along with fellow hacking group Shiny Hunters, it claims to have obtained customer data after exploiting a similar flaw in JLR’s IT system, The Telegraph reports.
The claim was made on a Telegram messenger group, where a user linked to the hackers posted a screenshot of what appeared to show JLR's internal system.
A member of the group told The Telegraph that a well known flaw in SAP Netweaver - third-party software used by JLR - was exploited to access the data.
US cyber agency CISA warned about the flaw earlier this year. An update for the software was released, but whether JLR applied it is unknown.
It's also not known what data was taken or if a ransom demand has been made.
JLR told Autocar in a statement yesterday that “there is no evidence any customer data has been stolen”.
It refused to comment on the latest claims today (Wednesday).
The hack has caused three days of sales and production issues which have “severely disrupted” JLR's operations.
In an effort to combat the hack, JLR began “shutting down our systems” on Tuesday and is now in the process of rebuilding them.
This shutting down of systems has led to a halt of production at both Halewood and Solihull, where the Range Rover and Range Rover Sport are built.
JLR was also unable to confirm a timescale for the fix, but it's understood that the hack could continue to cause disruption for the rest of the week.
According to The Telegraph, the hacking groups are believed to be made up of teenagers from English-speaking countries.
Autocar first reported the issues affecting JLR on Monday, when dealers couldn't register new cars on 'new plate day' (1 September), traditionally one of the year's busiest for registrations.
To combat the delays, the registering of cars is now being carried out by hand, a JLR dealer revealed to Autocar on Wednesday.
Join the debate
Add your comment
There's so much of it going on with large companies it's a joke. Maybe senior management need to consider their outsourcing partners and how diligently they manage their staff and those they contract out to.
I still can't believe that so much UK sensitive data and processing is performed and managed by offshore commpanies in nations that trade with countries like Russia!
Some wronguns stood outside their data centre with an aerial and some tin snips, bypassed the security system and stole all the data, broke it for parts and resold it all on eBay. Now Mardell will come out of retirement and angrily demand that the police and the taxpayer should pay to cover the additional security measures needed to stop happening again.
The ubiquitous slagging off of JLR by a BTL commenter straight off the bat. Change the record.