A gaggle of younger English-speaking hackers are claiming to be behind the cyber assault which has halted the worldwide manufacturing traces of Jaguar Land Rover (JLR).
The group is bragging concerning the hack on the messaging app Telegram, sharing screenshots apparently taken from contained in the automotive maker’s IT networks.
The gangs can also be answerable for a wave of cyber assaults on UK retailers together with M&S within the spring – and are calling themselves “Scattered Lapsus$ Hunters”.
“The place is my new automotive, Land Rover,” the hackers – who’re considered teenagers – posted to taunt the corporate.
The BBC has approached JLR for remark.
In personal textual content conversations with one of many criminals, who claims to be the spokesperson for the group, they mentioned they’re making an attempt to extort the automotive firm for cash.
However the hacker wouldn’t say if they’ve efficiently stolen personal information from JLR or put in malicious software program onto the corporate’s community.
The hacker would not present any extra proof they’re answerable for the hack – and they’re identified to misinform get consideration.
However two photos posted by the group present obvious inside directions for troubleshooting a automotive charging challenge and inside laptop logs.
One safety knowledgeable has speculated the screenshots counsel the criminals have entry to data they need to not have.
“Based mostly on the knowledge offered by the attackers and open supply intelligence, the assault has entry to JLR’s inside programs and community,” safety researcher Kevin Beaumont mentioned.
A spokesperson for the Data Commissioner’s Workplace mentioned: “Jaguar Land Rover has reported an incident and we’re assessing the knowledge offered.”
Automobile manufacturing at websites together with the Halewood plant in Merseyside and one other in Solihull have been closely disrupted for the reason that assault was found on Sunday.
Employees have been despatched dwelling and JLR has mentioned it is working to get manufacturing again on-line.
The corporate has not disclosed the character of the assault.
“We took instant motion to mitigate its influence by proactively shutting down our programs, it mentioned in an announcement.
“We are actually working at tempo to restart our international purposes in a managed method.
“At this stage there isn’t a proof any buyer information has been stolen however our retail and manufacturing actions have been severely disrupted.”
The hackers selected the identify Scattered Lapsus$ Hunters to replicate the merging of assorted youth-orientated cyber criminals who’re all related to a community known as The Com.
Earlier this yr the Nationwide Crime Company warned of the rising risk from cyber criminals in The Com.
The newly named group is a mix of hackers who’ve been a part of the teams Shiny Hunters, Lapsus$ and Scattered Spider – all infamous younger hacking teams of the previous few years that emerged from The Com.
The Telegram channel utilized by the criminals now has almost 52,000 subscribers. The group has been bragging about hacks and sharing incomprehensible in-jokes for days.
It is the forth such Telegram channel as earlier ones have been closed down.
Scattered Spider is identify of a loosely linked group of hackers answerable for excessive profile assaults on M&S, Co-op and Harrods in April and Might.
In July the Nationwide Crime Company arrested 4 folks in connection to the hacks.
A 20-year-old lady was arrested in Staffordshire, and three males – aged between 17 and 19 – have been detained in London and the West Midlands. All have since been launched on bail.
