Security Breach – 12 Sep 2025

Exploit: Hacking

Risk to Business: Moderate: Jaguar Land Rover (JLR) has suspended production at multiple sites following a cyberattack that infiltrated its internal IT systems, with disruptions expected to last into October. Thousands of workers at JLR’s Halewood, Solihull and Wolverhampton. U.K. plants have been told to stay home until the issue is resolved, though they will continue to be paid. Similar pauses affect JLR operations in Slovakia, Brazil and India. While dealerships and garages remain open, suppliers including WHS Plastics, Evtec, OPmobility and SurTec have also been impacted. A Telegram channel linked to hacking groups Scattered Spider, Lapsus$ and ShinyHunters has posted screenshots of what appear to be JLR’s internal systems. Scattered Spider, previously tied to attacks on M&S, Co-op and Harrods, is suspected of involvement.

United States – Salesloft Drift – Technology 

Exploit: Hacking

Risk to Business: Moderate: Cloudflare, Zscaler and Palo Alto Networks confirmed this week that they were affected by a hacking campaign exploiting integrations with Salesloft Drift, an AI platform connected to Salesforce systems. The campaign, attributed to threat actor UNC6395, ran between August 8 -18 and may have impacted more than 700 companies. Salesloft said attackers used stolen credentials to exfiltrate customer data via its Drift chatbot tool, acquired last year. While Salesforce disconnected Salesloft as a precaution, the company said it has seen no evidence of malicious activity within the platform itself.

Talk to a TCT team member today about implementing IT strategy plan for your business.