Has Jaguar Land Rover done enough to protect your data?

UPDATE: On 10 September 2025, Jaguar Land Rover (JLR) confirmed for the first time that data was stolen during the cyberattack that forced the company to shut down systems and halt production earlier this month.

Jaguar Land Rover (JLR) is one of the UK’s biggest car brands – but 2025 has been a tough year for its IT security. A cyberattack in September forced the company to halt production and shut down systems worldwide. And it wasn’t the first incident this year.

JLR’s responsibility under UK law

Big companies like JLR are legally required to protect customer and employee data under the UK’s data protection rules. This includes keeping IT systems secure, reporting incidents quickly, and ensuring personal information isn’t exposed to unnecessary risk.

However, in early September 2025, the luxury car manufacturer was hit by a major cyberattack. While JLR’s initial statement said there was “no evidence” that customer data had been stolen, the full impact of this security failure remains unclear.

Who was behind the September cyberattack?

Soon after the September cyberattack, responsibility was claimed on a Telegram channel linked to three notorious English-speaking hacker groups: Scattered Spider, Lapsus$ and ShinyHunters. The channel posted what appeared to be a screenshot of JLR’s internal IT systems, alongside a news article about the attack.

Scattered Spider, in particular, has built a reputation for targeting major UK retailers. This year alone, the group has been linked to attacks on Marks & Spencer, the Co-op and Harrods. In July, UK police arrested four people – including three teenagers – as part of their investigation into the retail cyberattacks.

JLR’s earlier data breach in 2025

The September attack wasn’t the first time JLR faced a major security incident this year. Back in March 2025, the Hellcat ransomware group claimed responsibility for hacking JLR and leaking around 350GB of sensitive data. According to cybersecurity experts, the stolen files included proprietary documents, source code, and employee details. 

Why customers are concerned

For many JLR customers, the fact that multiple serious security violations have occurred in the same year is concerning. Some of the main concerns include:

  • Repeated incidents: With at least two major security breaches in 2025, JLR’s ability to safeguard information is under serious scrutiny.
  • Severe disruption: The September attack halted production and stopped dealerships from registering new cars, showing how vulnerable the company’s systems can be.
  • Future risks: Even though JLR says there’s “no evidence” of data theft in the September incident, experts warn that stolen details often surface months later. 
  • Risk of scams: Even if no data has been stolen in the latest cyber incident, hackers may try to take advantage of the situation, so vigilance is needed now. 

Whether it’s a leaked email address, stolen passwords, or worse, a data breach can leave you exposed to scams, ID fraud, and credit damage. But you’re not powerless. Our handy guide explores what you can do right now to protect yourself and hold the offending organisation accountable.

Holding big brands to account

When household names fail to meet their responsibilities, it’s customers who are left exposed. That’s why group claims exist – to give ordinary people the chance to stand up to global corporations and demand better protection.

The investigation into JLR’s cyberattack is still ongoing. If you’re a Jaguar or Land Rover customer, the best way to protect your position is to stay informed. By registering with Join the Claim, you’ll receive updates on the case and be notified straight away if a group claim is launched by a UK law firm.

You can also follow our news page for the latest developments – from legal analysis to expert advice on how incidents like this may affect customers in the long run.

Find out more

Join the Claim connects consumers with SRA-regulated lawyers. Visit the claim page to check your eligibility if a claim is open with one of our trusted legal partners. If a group action has not yet been launched, you can register your interest and we’ll keep you informed if a partner firm decides to take a claim forward.  

This information is for general guidance only and does not constitute legal or financial advice.

You may also like:

  • Environment, News, Vehicle

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.
  • Data Breach, Financial, News

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.
  • News, Vehicle

Jaguar Land Rover DPF claims vs. dieselgate: What you need to know

Confused about Jaguar Land Rover DPF claims vs. Dieselgate? Learn the key differences, legal actions, and how to check if you qualify for compensation.

Latest news & insights

women travelers,waiting at train station journey,with luggage and large backpacks
Interrail data breach: why some travellers are being told to replace passports
Over 300,000 Interrail travellers had personal data exposed in a cyber incident. Some are now being advised to replace passports.
technician of health with blood tubes in the clinical lab for analytical / hand of doctor holding blood sample in tube test for analysis in laboratory
Nearly 200 Biobank data incidents raise concern as more private health records found online
UK Biobank data has reportedly been leaked nearly 200 times in a year. Here’s what it means for participants.
April calendar 2026 with Join the claim logo
What we’ve been working on at Join the Claim in April
A round-up of what we’ve been working on in April at Join the Claim, including new claims to watch, legal developments and practical consumer guides.
Warning road sign against a stormy sky saying Scam Alert
Scam alert update: April 2026
Stay alert this April with the latest scam warnings from Join the Claim
Smartphone on surface showing Google Play logo. Google Play is an app store.
What the Google Play Store claim means for UK users
Used the Google Play Store on an Android device between 2015 and 2024? Here’s what the UK claim against Google means for you.
Diagonal test tubes with blood with blue lids ready for test. Concept of medicine and science. 3d rendering
UK Biobank breach: can anonymised health data be traced back to you?
 UK Biobank says the leaked data was anonymised — but experts warn it may still be identifiable. Here’s why that matters.
A scientist in a white lab coat looks through a microscope in a laboratory. Another person is seen working in the background. The scene shows a busy research environment with equipment.
UK Biobank data listed for sale: what happened and what it means
 Health data from 500,000 UK Biobank participants was listed for sale online. Here’s what was exposed, what wasn’t, and why it matters.
Woman using Booking.com app
Booking.com scams explained: what “reservation hijacking” means for travellers
  A data breach at Booking.com is now being linked to a rise in so-called “reservation hijacking” scams. Here’s how to protect yourself.
employee and colleagues brainstorming how to fix employee data breach affecting systems
Employee data breaches are rising: what it means for your data
Employee data breaches are increasing across the UK. Here’s what’s happening & what it means for your personal information.
Man using smartphone to cancel subscription on digital app interface. Unsubscribe from online service membership or payment plan.
New laws will make it easier to cancel subscriptions and get refunds
New UK laws will make it easier to cancel subscriptions and get refunds. Here’s how subscription traps are being tackled.
AI concept Artificial Intelligence technology circuit motherboard chip computer
The dangers of AI: what consumers need to know
From data misuse and deepfakes to harmful content and bias, learn how AI can go wrong and what it means for your rights in the UK.
woman use booking app, booking com logo on the screen
Booking.com data breach: what travellers need to know
Booking.com has confirmed a data breach affecting customer booking details. Here’s how to protect yourself.
What claims should be on your radar in April 2026?
Several major compensation claims are developing in the UK this spring, including cases involving Apple, Amazon, Steam and major data breaches.
Rightmove website on the display of PC
Rightmove £1.5bn claim filed: what estate agents need to know
A £1.5bn legal claim has been filed against Rightmove, accusing the property giant of charging excessive fees to estate agents. Here’s what’s happening and what it could mean.
Hands, phone and person in home with scrolling, social media
Meta blocks ads linked to social media addiction lawsuits
Meta has removed adverts from law firms seeking clients for social media addiction lawsuits, following recent legal setbacks in the US.
View all news

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a trading name of Join the Claim Limited, authorised and regulated by the Financial Conduct Authority (FRN: 1053404). Registered in England and Wales, Company No: 16245278. Registered office: 32 Eyre Street, Sheffield, S1 4QZ.

© Join the Claim All Rights Reserved |

2026
Go to claims