Jaguar Land Rover (JLR), the well-known luxury car company, is reported to be the latest victim of a cybersecurity breach. A threat actor known as "Rey" has publicly disclosed critical company records and personnel data on the infamous hacking forum BreachForums.
According to the reports, approximately 700 internal Jaguar Land Rover documents were made public as a result of the data breach, which is believed to have taken place around March 2025. Critical development logs, tracking information, and proprietary source codes are among the leaked documents.
Such materials are highly sensitive and could jeopardise the company's competitive advantage by supplying rivals or malicious actors with information about JLR's operational and strategic plans.
In addition to internal company records, a large personnel dataset has been compromised. This dataset contains private data such as usernames, email addresses, display names, and time zone data. The disclosure of personal information puts impacted employees at risk of identity theft, phishing schemes, and other targeted cyberattacks.
An anonymous threat actor known as "Rey" exposed the vulnerability on BreachForums. Rey made the hacked data available for download to cybercriminals and possible competitors, compounding the potential harm to JLR and its employees, security researchers stated.
For Jaguar Land Rover, this security issue may have far-reaching effects. Competitors may learn about the company's future plans, proprietary technologies, and strategic operations if confidential internal documents are made public. In the fiercely competitive automotive sector, this can result in a major competitive disadvantage.
The personnel dataset that was exposed also presents serious risks to organisational and individual security. Employees whose data was compromised need to be on the lookout for signs of fraud and targeted phishing attacks, among other cyberthreats.
Mitigation tips
Jaguar Land Rover has not yet commented on the data breach. It remains to be seen how the company will handle this issue and what steps it will take to minimise the damage. An internal investigation is anticipated to be initiated to investigate the scope of the breach and any flaws in the organization's security systems.
The organisation should perform a thorough internal investigation to discover vulnerabilities and upgrade its cybersecurity infrastructure. Affected personnel should change their passwords, enable two-factor authentication, and be wary of unsolicited communications, especially suspicious emails or messages.