- UK government’s £1.5B bailout of JLR sparks criticism as “unfortunate precedent”
- 2025 cyberattack by Scattered Lapsus Hunters shut down production, costing UK economy up to £1.9B
- Experts urge clear bailout framework instead of ad-hoc responses to major cyber incidents
Not everyone is happy with the fact that the UK government is bailing out Jaguar Land Rover (JLR) after the catastrophic 2025 cyberattack, with some calling it an “unfortunate precedent”.
Last week, the UK Cyber Monitoring Centre held a “2025 Year in Review” event, hosted by the RUSI Cyber and Tech team. Among the speakers were Ciaran Martin, Chair of the Cyber Monitoring Centre Technical Committee and RUSI Distinguished Fellow, Baroness Tracey Paul, Chief Strategy and Communications Officer, Pool Re, and Gaven Smith, CMC Technical Committee Member and Former Director General for Technology at GCHQ.
Commenting on the fact that the UK government announced a £1.5 billion bailout package for the troubled carmaker, Martin said: "I think the loan guarantee is an unfortunate precedent because the government intervened in a case-specific way... without clear criteria. Otherwise you'll just end up with a series of ad hoc precedents that will leave nobody any the wiser."
Article continues belowScattered Lapsus Hunters
The JLR attack began in late August 2025, when hackers breached internal IT systems, forcing the company to shut down global production. Factories were idle for about five weeks, staff were sent home, and supply chains across thousands of businesses were disrupted.
A group called Scattered Lapsus Hunters claimed responsibility for the attack which caused hundreds of millions in direct losses, pushed the company into a quarterly loss, and is estimated to have cost the UK economy up to £1.9 billion overall.
In late September 2025, Business Secretary Peter Kyle announced JLR would be getting a loan from a commercial bank, backed by the Export Development Guarantee (EDG) provided by export credit agency UK Export Finance. The loan would be paid back over five years and would give JLR enough cash reserves to support its supply chain.
But for Martin, solving these cases ad-hoc is not the way forward. "It would be better to have a framework... rather than a response to events," he said.
Scattered Lapsus Hunters stole a mix of corporate and personal data, including payroll and HR information, internal documents, development logs, and even proprietary source code. Since they were moving laterally throughout the network, JLR had to shut down its own systems to contain the attack and prevent further spread.
Via The Register
➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.