Hi there, let’s catch up about what’s just happened at Jaguar Land Rover (JLR). It’s a big deal potential data breach which exemplifies that no organisation is too large to be shocked by hackers.
Following this breach, JLR were forced to shutdown many of its systems as it seemed like REvil had compromised many facets of its IT infrastructure from its plant in Solihull to some of its apps with a global user base. We can only imagine the operational impacts at JLR.
To respond, JLR is currently partnering with national experts in cyber and private teams specializing in cybersecurity. They are conducting a thorough investigation into what was stolen, and what notifications are warranted.
• Factories stop working
• Employees can’t work
• Customers and vendors lose confidence
A further complicating issue, is the uncertainty. If customer data has been exposed, it could lead to identity theft. If it is only company files, the implications would still be significant, but more limited.
Also, we are seeing that groups like Scattered Lapsus$ Hunters and others are emboldened. Hackers are not only stealing the information, but they now want to create chaos while getting their fifteen minutes of fame.
What Went Down
JLR has confirmed that REvil (or a variant) have gained access to their systems and compromised data. At this time, JLR cannot confirm exactly what data has been compromised and whether it has been customer data or whether internal only.Following this breach, JLR were forced to shutdown many of its systems as it seemed like REvil had compromised many facets of its IT infrastructure from its plant in Solihull to some of its apps with a global user base. We can only imagine the operational impacts at JLR.
Who Are The Hackers?
The group that claims to have attacked JLR goes by the name Scattered Lapsus$ Hunters. They claim to have gained access to the company's internal SAP system, and it looks like they may have also used ransomware as part of this attack. JLR has not fully publicy confirmed the Scattered Lapsus$ Hunters claims, they have published screenshots on social media which seem to confirm their claim of success.To respond, JLR is currently partnering with national experts in cyber and private teams specializing in cybersecurity. They are conducting a thorough investigation into what was stolen, and what notifications are warranted.
Why It Matters
Even if "some data" was compromised, it still has significant implications. When systems go down:• Factories stop working
• Employees can’t work
• Customers and vendors lose confidence
A further complicating issue, is the uncertainty. If customer data has been exposed, it could lead to identity theft. If it is only company files, the implications would still be significant, but more limited.
Also, we are seeing that groups like Scattered Lapsus$ Hunters and others are emboldened. Hackers are not only stealing the information, but they now want to create chaos while getting their fifteen minutes of fame.