Jaguar Land Rover dealership sign under a blue sky, representing the growing group litigation for Jaguar owners over alleged diesel particulate filter defects.

Jaguar Land Rover confirms data was stolen in cyberattack

On 10 September 2025, Jaguar Land Rover (JLR) confirmed for the first time that data was stolen during the cyberattack that forced the company to shut down systems and halt production earlier this month.

What JLR has said so far

In its latest statement, JLR admitted that “some data has been affected” as a result of the attack. The company did not specify:

  • What type of data was accessed
  • How much information may have been stolen
  • Whether any of its 30,000 employees are among those affected. 

JLR added that its forensic investigation “continues at pace” and that it will “contact anyone as appropriate if we find that their data has been impacted.”

Why this update matters

Until now, JLR had maintained there was “no evidence” that customer or employee data had been stolen. That position has now changed. Confirmation that data has in fact been taken means the risks for customers and staff are real, even if the full scale is not yet known.

This shift is important because stolen data can lead to a range of harms, from targeted phishing emails to identity theft. It also raises serious questions about JLR’s handling of security — particularly as this is the second major data-related incident the company has suffered in 2025.

What it could mean for customers and employees

Cybersecurity experts warn that breaches of this scale can have serious consequences for anyone whose data has been affected. The full impact often isn’t known for weeks or even months. Key risks include:

  • Delayed fallout: Stolen data may not appear immediately, but can surface later on criminal forums.
  • Phishing and scams: Both customers and employees may be targeted with convincing scam emails, texts or calls designed to steal further details.
  • Identity theft: If sensitive information such as addresses, payroll records or financial details are exposed, criminals could use them to commit fraud.
  • Knock-on risks:  Even if only employee data is confirmed as stolen, attackers may try to exploit this to reach customers, for example by impersonating staff in emails or calls.

A data breach can leave you exposed to scams, ID fraud, and credit damage. But you’re not powerless. Our handy guide explores what you can do right now to protect yourself.

What you should do now

The investigation is ongoing, but JLR customers and employees should take sensible precautions:

  • Be alert to phishing emails or texts that claim to come from JLR.
  • Don’t click on suspicious links or hand over personal details.
  • Check with Join the Claim to see whether you may be eligible for compensation if a group action follows.
Find out more

Join the Claim connects consumers with SRA-regulated lawyers. Visit the claim page to check your eligibility if a claim is open with one of our trusted legal partners. If a group action has not yet been launched, you can register your interest and we’ll keep you informed if a partner firm decides to take a claim forward.  

This information is for general guidance only and does not constitute legal or financial advice.

You may also like:

  • Environment, News, Vehicle

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.
  • Data Breach, Financial, News

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.
  • News, Vehicle

Jaguar Land Rover DPF claims vs. dieselgate: What you need to know

Confused about Jaguar Land Rover DPF claims vs. Dieselgate? Learn the key differences, legal actions, and how to check if you qualify for compensation.

Latest news & insights

women travelers,waiting at train station journey,with luggage and large backpacks
Interrail data breach: why some travellers are being told to replace passports
Over 300,000 Interrail travellers had personal data exposed in a cyber incident. Some are now being advised to replace passports.
technician of health with blood tubes in the clinical lab for analytical / hand of doctor holding blood sample in tube test for analysis in laboratory
Nearly 200 Biobank data incidents raise concern as more private health records found online
UK Biobank data has reportedly been leaked nearly 200 times in a year. Here’s what it means for participants.
April calendar 2026 with Join the claim logo
What we’ve been working on at Join the Claim in April
A round-up of what we’ve been working on in April at Join the Claim, including new claims to watch, legal developments and practical consumer guides.
Warning road sign against a stormy sky saying Scam Alert
Scam alert update: April 2026
Stay alert this April with the latest scam warnings from Join the Claim
Smartphone on surface showing Google Play logo. Google Play is an app store.
What the Google Play Store claim means for UK users
Used the Google Play Store on an Android device between 2015 and 2024? Here’s what the UK claim against Google means for you.
Diagonal test tubes with blood with blue lids ready for test. Concept of medicine and science. 3d rendering
UK Biobank breach: can anonymised health data be traced back to you?
 UK Biobank says the leaked data was anonymised — but experts warn it may still be identifiable. Here’s why that matters.
A scientist in a white lab coat looks through a microscope in a laboratory. Another person is seen working in the background. The scene shows a busy research environment with equipment.
UK Biobank data listed for sale: what happened and what it means
 Health data from 500,000 UK Biobank participants was listed for sale online. Here’s what was exposed, what wasn’t, and why it matters.
Woman using Booking.com app
Booking.com scams explained: what “reservation hijacking” means for travellers
  A data breach at Booking.com is now being linked to a rise in so-called “reservation hijacking” scams. Here’s how to protect yourself.
employee and colleagues brainstorming how to fix employee data breach affecting systems
Employee data breaches are rising: what it means for your data
Employee data breaches are increasing across the UK. Here’s what’s happening & what it means for your personal information.
Man using smartphone to cancel subscription on digital app interface. Unsubscribe from online service membership or payment plan.
New laws will make it easier to cancel subscriptions and get refunds
New UK laws will make it easier to cancel subscriptions and get refunds. Here’s how subscription traps are being tackled.
AI concept Artificial Intelligence technology circuit motherboard chip computer
The dangers of AI: what consumers need to know
From data misuse and deepfakes to harmful content and bias, learn how AI can go wrong and what it means for your rights in the UK.
woman use booking app, booking com logo on the screen
Booking.com data breach: what travellers need to know
Booking.com has confirmed a data breach affecting customer booking details. Here’s how to protect yourself.
What claims should be on your radar in April 2026?
Several major compensation claims are developing in the UK this spring, including cases involving Apple, Amazon, Steam and major data breaches.
Rightmove website on the display of PC
Rightmove £1.5bn claim filed: what estate agents need to know
A £1.5bn legal claim has been filed against Rightmove, accusing the property giant of charging excessive fees to estate agents. Here’s what’s happening and what it could mean.
Hands, phone and person in home with scrolling, social media
Meta blocks ads linked to social media addiction lawsuits
Meta has removed adverts from law firms seeking clients for social media addiction lawsuits, following recent legal setbacks in the US.
View all news

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a trading name of Join the Claim Limited, authorised and regulated by the Financial Conduct Authority (FRN: 1053404). Registered in England and Wales, Company No: 16245278. Registered office: 32 Eyre Street, Sheffield, S1 4QZ.

© Join the Claim All Rights Reserved |

2026
Go to claims