Jaguar Learns That Everything Is Computer

This newsletter is sponsored by:

Jaguar Land Rover (JLR) was already having a complicated year.

In addition to dealing with The Donald’s bullshit tariffs, the impending departure of their CEO, and mixed reviews from the launch of their future luxury EV, JRL has been dealing with a material cyberattack on their core technology systems for almost a month now.

Typically producing around 1,000 vehicles per day, staff at multiple JLR factories across Britain were instructed to stay at home as the OEM attempted to determine how to respond to the attack and while manufacturing remained halted.

The Guardian reported that “Managers at a factory in Halewood, Merseyside, told industry contacts there might have been a hack—although it was not clear then just how bad the situation was.”

It turns out, it was bad.

The disruption is believed to be costing the company more than $50 million in lost production every week and could ultimately cost them billions of dollars.

JLR was in the middle of negotiating a contract for cybersecurity insurance when the attack happened. (Dude, that sucks!)

But this recent attack isn’t where this story begins.

In March, HELLCAT, a ransomware group, claimed responsibility for an earlier JLR data breach that compromised gigabytes of sensitive digital assets, including proprietary documents, source code, and data related to employees and partners.

The breach was enabled through stolen Jira credentials collected using Infostealer malware.

HELLCAT operates a ransomware-as-a-service (RaaS) model, providing ransomware tools and infrastructure to malicious actors in exchange for a share of the profits. (I bet you didn’t know that was a thing.)

This initial breach likely paved the way for a subsequent group of hackers to knock down JLR’s systems in August.

Just a couple of days before the attack, Google and Mandiant issued a new advisory revealing a widespread data breach in Salesforce.

Armed with the data collected in March and leveraging an open door that wasn’t yet closed, a group calling itself “Scattered Lapsus$ Hunters” launched and then claimed responsibility for the JLR attack.

This hacking collective, apparently formed from the merger of three notorious cybercrime groups, was boasting about the attack on Telegram, sharing screenshots that appear to be from inside JLR’s data warehouse walls.

They were also cracking jokes about the breach, asking, “Where is my new car, Land Rover?”

Initially, the company believed the attackers did not steal any sensitive data; they later backtracked, stating that “some data” was likely affected.

JLR is owned by Indian firm Tata, which is the majority owner of Indian IT company Tata Consultancy Services (TCS).

TCS has also provided IT services to Marks & Spencer (M&S), and it emerged in May that TCS launched an investigation to determine whether it was the gateway for a cyberattack on the British high street retailer. (Kinda sucks to be TCS these days).

And just like that, Scattered Lapsus$ Hunters announced that they have decided to retire.

The group posted a scathing (albeit convoluted) goodbye note on the dark web that was subsequently shared on x.com.

And although the hackers may or may not actually disappear, the fallout from the attack remains.

JLR has confirmed that its factories will not be in a position to restart operations until at least October, with some reports suggesting that delays could extend even longer.

If there is anything to be learned here, it’s that our networked cloud isn’t as secure as we are told, our Jira credentials might be more valuable than you thought, and you should always pay for the insurance.

The Wuling Binguo S compact EV, with a 430 km range and a starting price of around $9,400 USD, launched in China this week. carnewschina.com

Xiaomi plans to open showrooms in the EU when it launches its electric cars in the region in 2027. cnbc.com

Chery, China’s second-largest automaker, soars in Hong Kong debut after a US$1.2 billion initial public offering. scmp.com

Li Auto received over 20,000 orders for its new i6 electric SUV within hours of launch. cnevpost.com

China learns that brand reputation is a thing. reuters.com

Chinese driverless car technology startup Momenta is raising funds at a valuation of roughly $6 billion. cnbc.com

VW plans to optimize the utilization of its massive production capacity in China and has prepared the first batch of locally built gasoline vehicles for export. autonews.com

Berkshire Hathaway has fully divested itself of its highly profitable equity investment in BYD. cnbc.com

BYD’s YangWang U9 Extreme is officially the world’s fastest production car, setting a new record earlier this month at ATP’s high-speed oval in Germany, hitting an astonishing 308.4 miles per hour, dethroning the long-standing record set by the Bugatti Chiron Super Sport 300+ in 2019. insideevs.com, youtube.com

House Oversight Committee Democrats released a partially redacted set of Epstein files. The notes indicated that Epstein was in touch with Elon, Peter Thiel, Steve Bannon, and Bill Gates from 2014 to 2019. Musk told Vanity Fair in 2019 that he had visited Epstein’s New York mansion and that Epstein “tried repeatedly to get me to visit his island,” but Musk declined. cnbc.com

Tesla hasn’t applied for any permits, yet continues to insist it’s operating a robotaxi service in California, confusing the state’s regulators. theverge.com

Tesla asks EPA not to roll back emissions rules as The Donald calls climate change a “con job”. techcrunch.com

Starlink plans to offer mobile phone services directly to consumers via its satellite network. theglobeandmail.com

Unitree recently demonstrated the capabilities of its G1 humanoid robot in a series of physical trials, showing off a new system called Anti-Gravity mode. interestingengineering.com

The Donald’s administration launched a national security investigation into the imports of robotics, industrial machinery and medical devices, a move that could pave the way for fresh tariffs. cnbc.com

Generator giant Briggs & Stratton can now power your home with batteries. electrek.co

The US told India that curbing purchases of Russian oil is the key to unlocking progress in their trade deal. reuters.com

Danish renewable energy company Orsted will restart work “as soon as possible” on a wind farm off the coast of New England, after a federal judge on Monday blocked The Donald’s administration from enforcing a stop-work order. cnbc.com

New wind farms in Nova Scotia will help the province move closer to its renewable energy goals. cbc.ca

Loblaws signed a five-year deal with US startup Gatik to deploy 50 autonomous trucks tasked with delivering time-sensitive groceries and household items to 300 Loblaw stores across Canada. bnnbloomberg.ca

Stellantis reports data breach affecting North American customers. cbc.ca

Honda cancels Acura ZDX production. theverge.com

Volvo’s next-generation hybrids will be American-made extended-range electric vehicles (EREVs). theverge.com

Stellantis has a window trim problem. reuters.com

BMW has an engine starter problem. reuters.com

Shares in Germany’s Daimler Trucks fell on Friday after The Donald announced tariffs on heavy-duty trucks. reuters.com

Lucid kicks off its Nuro-Uber robotaxi partnership with the delivery of its first vehicle. theverge.com

US tariffs on Canadian vehicles and parts jumped to US$380 million in July 2025. thecanadianpressnews.ca

The Canadian government says it is re-reviewing its decision to impose 100% tariffs on Chinese EVs, but it can’t or won’t say when the review began, or when it will end. bnnbloomberg.ca

The Quebec government scraps its 2035 plan to ban the sale of new internal combustion engine vehicles. autonews.com

Autograph Analytics is your AI-powered partner for automotive data, analytics and reporting.

They unify GA4, Ads, CRM and DMS data, turning scattered information into sleek, automated insights that drive smarter decisions.

Trusted by top dealer groups across North America, Autograph saves time, reduces errors and boosts performance. No spreadsheets. Just clean, intelligent reporting that moves as fast as you do.

Learn more at www.autographanalytics.com

You read to the bottom. Amazing!