Jaguar Land Rover failed to finish cyber insurance purchase

Jaguar Land Rover, Britain’s largest automaker, is contending with the fallout from a crippling cyberattack that has forced it to keep three factories offline until Oct. 1. The financial toll is already staggering, but the blow has been made worse by the company’s failure to secure cyber insurance coverage before the incident struck.

According to Reuters, JLR had been negotiating a policy through broker Lockton but had not finalized the deal. As a result, the company is believed to lack direct coverage for what has quickly become one of the most disruptive cyber events to hit the U.K. manufacturing sector.

Without insurance to absorb business interruption losses, the automaker is shouldering the full weight of the shutdown, estimated by the BBC at £50 million ($68 million) per week. More than 30,000 employees have been told to stay home, while suppliers across the country warn of financial strain.

The absence of coverage comes at a pivotal moment for the cyber market. JLR’s troubles have handed the cyber market an unwelcome stress test at the start of the autumn renewal season. Underwriters are watching closely how a global manufacturer copes when downtime cascades through its production lines and supply chains without an insurer to step in.

The case also raises questions for brokers and risk managers: how close to the line can large corporates cut their renewal or placement timelines, and what exposure do they accept in the interim? For insurers, the episode underscores how costly the timing of cover can be when operational technology and just-in-time manufacturing are at stake.

Investigators have linked the attack to Scattered Spider, a hacking group blamed for earlier breaches at British retailers. Reports suggest the attackers may have exploited a vulnerability in SAP software. If true, the incident would sharpen focus on vendor governance and patch management, already a key underwriting concern.

The prospect of a manufacturer without coverage absorbing systemic disruption only adds to reinsurers’ worries. Automotive production is concentrated, digitally synchronized, and dependent on a small number of technology platforms. A cyber incident at a single firm can quickly reverberate through the wider sector.

British officials, mindful of the economic stakes, have pledged to work with Jaguar Land Rover and its suppliers. “We have two priorities – helping Jaguar Land Rover get back up and running as soon as possible and the long-term health of the supply chain,” industry minister Chris McDonald said.

The Unite trade union has warned of potential job losses across the 104,000 roles tied to JLR’s production footprint, and S&P Global has noted the knock-on effect of the shutdown in its latest U.K. manufacturing survey.

For insurers, brokers, and risk professionals, the lesson is unambiguous: the failure to complete a cyber insurance placement can leave even a blue-chip manufacturer dangerously exposed. In an era when criminal groups target operational technology with growing sophistication, gaps in coverage are not just financial missteps—they are existential vulnerabilities.

The timing of JLR’s gap in coverage stands in sharp relief against another high-profile British cyberattack. Marks & Spencer, which recently fell victim to a breach attributed to the same Scattered Spider group, is expected to recover more than £100 million through its layered cyber insurance program.

That payout will not erase the reputational damage or operational headaches, but it provides a substantial financial cushion at a moment of crisis. JLR, by contrast, faces mounting costs with no insurer to turn to – an outcome that underscores the strategic importance of cyber coverage, particularly for enterprises with complex supply chains and high fixed costs.

Jaguar Land Rover has said it is preparing a phased restart plan and continuing its investigation. But for the insurance industry, the damage has already provided a stark case study in the cost of going bare.