Bank of England says JLR’s cyberattack contributed to UK’s unexpectedly slower GDP growth

Steven

Bank of England says JLR’s cyberattack contributed to UK’s unexpectedly slower GDP growth

Summary

The Bank of England said the cyberattack on Jaguar Land Rover (JLR) was a material factor behind the UK’s weaker-than-expected GDP growth in Q3 2025. The BoE held interest rates at 4% and revised its Q3 headline GDP growth projection to 0.2% (down from the 0.3% forecast in its August report), citing weaker US exports and JLR’s production halt as key causes.

The attack forced JLR to stop making cars for about a month, prompted government financial support, and was classified by the Cyber Monitoring Centre as a Category 3 systemic event with potential costs to the local economy of up to £2.1bn. The incident affected JLR’s plants and its wider supply chain and comes amid a wider surge in significant cyber incidents across the UK.

Key Points

  • The BoE attributes part of the Q3 2025 GDP slowdown (0.2% vs 0.3% forecast) to the JLR cyberattack and weaker exports to the US.
  • JLR halted vehicle production for roughly a month; the government stepped in with financial support to stabilise the company.
  • The Cyber Monitoring Centre deemed the attack a Category 3 systemic event — potential local economic costs up to £2.1bn; JLR revenue losses are estimated to exceed £2bn.
  • The shutdown disrupted multiple national plants and an extensive supply chain, influencing the government’s rare intervention.
  • Other major UK firms (M&S, Co-op, Harrods) suffered costly incidents this year; M&S expects around £136m of clean-up costs, partly covered by insurance.
  • The NCSC reports a sharp rise in nationally significant cyber incidents (204 up from 89 year-on-year) and has urged urgent action from business leaders.

Context and Relevance

This is significant because a major central bank linking a corporate cyberattack to national GDP marks a shift: cyber incidents can now cause measurable macroeconomic and fiscal harm. The story underlines supply-chain vulnerability, the limits and role of cyber insurance, and the need for clearer corporate and governmental contingency planning. It also strengthens the case for businesses to prioritise cyber resilience as a core part of operational and financial risk management.

Why should I read this?

Short and blunt: this is no longer just a tech problem. If you run supply chains, manage risk, or shape policy, this shows cyber shocks can spill over into real economic damage and government action. Read it so you’re not the one caught off guard.

Author style

Punchy — and worth your attention. The Bank of England naming a cyber incident as a drag on GDP is a watershed moment; the details matter for anyone involved in finance, corporate resilience or national security.

Source

Source: https://go.theregister.com/feed/www.theregister.com/2025/11/07/bank_of_england_says_jlrs/