A group of young English-speaking hackers has claimed responsibility for the cyberattack that brought Jaguar Land Rover’s (JLR) global production lines to a halt.
Hackers Boast on Telegram
The group, calling itself Scattered Lapsus$ Hunters, posted on Telegram screenshots that appeared to come from JLR’s internal IT systems. They taunted the company with posts such as: “Where is my new car, Land Rover?”
JLR confirmed it was aware of the claims and is investigating. It is believed the hackers are now attempting to extort the automaker, though they did not confirm whether sensitive data was stolen or malicious software was installed.
Car production at JLR plants, including Halewood in Merseyside and Solihull, has been heavily affected since the attack was detected on Sunday. Some staff have been sent home while the company works to restore operations.
“We took immediate action to mitigate its impact by proactively shutting down our systems,” JLR said in a statement. “At this stage there is no evidence any customer data has been stolen, but our retail and production activities have been severely disrupted.”
Security researcher Kevin Beaumont said the screenshots shared by the group suggested access to information they should not have, possibly indicating a serious breach. The Information Commissioner’s Office confirmed JLR had reported an incident and said it was assessing the situation.
A Network of Young Cybercriminals
Scattered Lapsus$ Hunters appears to be a mix of members from earlier groups such as Shiny Hunters, Lapsus$, and Scattered Spider — all linked to a network known as The Com. The group’s Telegram channel has nearly 52,000 subscribers, where they boast about their exploits and post cryptic in-jokes.
Earlier this year, the National Crime Agency (NCA) warned about the rising threat from youth-led hacking networks like The Com. In July, the NCA arrested four people connected to attacks on UK retailers including M&S, Co-op, and Harrods. Those arrested, aged between 17 and 20, were later released on bail.
What The Author Thinks
What makes this case troubling is not just the disruption to JLR’s factories but the fact that groups of teenagers are leading increasingly sophisticated cyberattacks against global companies. While some may see this as youthful bravado or rebellion, the reality is that they’re undermining critical industries and risking serious consequences. As these groups grow bolder, companies and governments will need to rethink cybersecurity education and deterrence before more damaging incidents spiral out of control.
Featured image credit: PxHere
For more stories like it, click the +Follow button at the top of this page to follow us.