Jaguar Land Rover (JLR) has been forced to halt production after a cyber-attack severely disrupted operations at its two main UK factories.
The company, owned by Tata Motors of India, said it acted quickly to limit the impact of the hack and is working to restart systems.
The disruption struck as new registration plates were released on 1 September, traditionally one of the busiest times for vehicle deliveries.
JLR confirmed that retail activity was also badly hit but insisted there is currently no evidence of customer data being stolen.
The BBC understands the attack began on Sunday and was detected while in progress, leading to a shutdown of company IT systems.
At Halewood in Merseyside, staff were told not to come into work, while colleagues at Solihull were also sent home early.
In a statement, JLR said it took immediate action by shutting down systems and is now restarting global applications in a controlled manner.
The identity of the attackers remains unclear, though recent UK cyber-attacks on major retailers have involved extortion demands for money.
The National Crime Agency said it is aware of the incident and is working with partners to assess its scale and impact.
The timing is particularly damaging, following JLR’s recent profit slump due to rising costs linked to US trade tariffs.
In 2023, JLR signed an £800m cybersecurity contract with Tata Consultancy Services, highlighting the scale of its ongoing digital transformation efforts.
