Beginning August 31, 2025, the ‘Scattered Lapsus$ Hunters’ alliance — a cybercrime consortium of Scattered Spider (initial access/social engineering), LAPSUS$ (extortion/amplification), and ShinyHunters (data harvesting) — attacked Jaguar Land Rover. JLR paused production on September 1; manufacturing plants across UK, Slovakia, Brazil, and India were shut down for approximately five weeks. The group claimed responsibility via Telegram and leaked screenshots of internal systems including the jlrint.com domain. The attack is estimated to be the most costly cyberattack in British history, with estimated economic damage of £1.9 billion and confirmed costs of £196 million. The attack originated from social engineering and credential abuse rather than zero-day exploits, exploiting weak network segmentation and inadequate detection.