JLR production line

The months of August, September and October 2025 witnessed a critical surge in high-profile cyberattacks, exposing significant vulnerabilities in the UK’s supply chains and national infrastructure. These recent breaches demonstrate that while some threat actors seek simple financial gain, others aim for maximum disruption, impacting production, travel and public confidence.

Here is an overview of the most prominent cyber incidents to affect UK organisations in the autumn of this year:

Jaguar Land Rover (JLR) Production Paralysis

The most costly incident was the cyberattack that crippled British car manufacturer Jaguar Land Rover (JLR). The offensive began on the final day of August, forcing the company to enact a prolonged shutdown of global operations. The attack severely disrupted production at JLR’s main UK factories for over a month.

Experts suggest the financial impact was staggering, with lost revenue hitting an estimated £1.7 billion and profits reduced by £120 million, a figure widely reported in the press, including The Guardian. The attack complicated the wider automotive supply chain, leading to difficulties for the numerous small and medium-sized enterprises that rely on JLR. The company only commenced a phased restart of manufacturing operations in October.

The Vulnerability of Retail Supply Chains: Harrods

Luxury retailer Harrods was targeted in September, suffering a major data breach through a compromised third-party provider. Hackers accessed and stole records linked to 430,000 customers. While the company stated that payment details and passwords remained secure, personal information including names, contact details, and marketing or loyalty card information may have been exposed.

This incident was particularly notable as it occurred just months after an unrelated hacking attempt on the store’s internal systems in May, underscoring the relentless nature of attacks on major retail brands.

Targeting the Most Vulnerable: Kido International

In a disturbing development, the childcare provider Kido International, which operates nurseries across Greater London, was breached by the Radiant ransomware group in September. The attackers stole personal data belonging to over 8,000 children and threatened to publish sensitive details.

The exposed information included names, photos, home addresses and family contact information, demonstrating a clear disregard for safeguarding principles. The Met Police subsequently made two arrests in connection with the attack, highlighting the collaborative effort between private security and law enforcement to minimise the impact of such criminal actions.

Aviation Disruption: The Heathrow Incident

London’s Heathrow Airport experienced major travel disruption in September following a ransomware attack on Collins Aerospace, a key software supplier. Collins Aerospace provides electronic check-in and baggage services to airports globally.

Although the attack targeted a European vendor, the UK felt the immediate, physical consequences. The incident caused significant delays for European travellers and forced Terminal 4 at Heathrow to resort to manual check-ins. This event powerfully illustrates how a single vulnerability within a technology supply chain can halt critical operations at major transport hubs.

The Need for Proactive Defence

These recent incidents confirm that cybercrime is now a central challenge for UK businesses. The costs are financial, reputational and operational. To properly address these sophisticated threats, organisations must prioritise their cyber security investment. Implementing multi-factor authentication, ensuring comprehensive employee training and, critically, scrutinising the cyber defence postures of all third-party suppliers are essential steps to protecting UK interests.

Leave Comment