Tata Consultancy Services (TCS), the parent company of British automaker Jaguar Land Rover (JLR), has moved quickly to strengthen its cybersecurity protocols following a major cyber attack on JLR in July 2025. To ensure the company does not suffer another significant breach, TCS has enlisted the help of three cybersecurity firms: Mandiant (a Google company), Unit 42 (from Palo Alto Networks), and Fenix24. These firms have been tasked with investigating the root causes of the cyber attack and assisting in the recovery of critical data while strengthening the company’s overall cybersecurity framework.
In October 2025, it was estimated that Jaguar Land Rover had incurred losses of nearly $2 billion due to the attack. In response, the British government stepped in to help by offering a loan of £1.5 billion (approximately $1.9 billion) to mitigate the financial impact. This intervention was crucial, as without it, the company might have faced irreversible damage from class action lawsuits, regulatory penalties, and significant damage to its brand reputation.
TCS, which is renowned globally for its IT services, expressed concern about the potential fallout from the data breach, which could have led to severe legal and financial consequences. To prevent further leaks of sensitive information, TCS has partnered with Mandiant to monitor the dark web for any traces of the stolen data. This initiative is part of a broader effort to ensure that JLR’s cybersecurity posture is vastly improved, and that any future vulnerabilities are swiftly addressed.
As part of its recovery plan, TCS has introduced new security protocols to safeguard against future cyber threats. One of the first steps taken is the implementation of a video-based AI verification system for employees in key positions. The system will ensure that critical IT personnel are properly authenticated before accessing sensitive company data. Additionally, the AI-powered software will continuously monitor the company’s IT infrastructure, tracking potential hackers and neutralizing their activities before they can cause harm.
Moreover, TCS has set up a dedicated cybersecurity team, consisting of more than 150 experts divided into six specialized teams. These professionals will provide 24/7 surveillance of JLR’s production units and work to prevent future cyber attacks. Their role is not only to protect the company’s assets but also to implement proactive measures to anticipate and counter any emerging threats to the business.
TCS’s involvement with JLR began in 2023 when the Indian multinational conglomerate took over the British automaker. Later that year, TCS signed a significant five-year, $1 billion IT transformation deal with JLR, covering cloud migration, cybersecurity, data services, application development, and back-end IT support. The cyber attack on JLR highlighted the vulnerability of its production systems, which were disrupted due to software malfunctions triggered by the breach. The ongoing recovery process is a reminder of the increasing importance of robust cybersecurity frameworks in the automotive industry, particularly as companies integrate more complex digital systems into their operations.
TCS’s swift action following the cyber attack underscores the company’s commitment to protecting its assets and ensuring business continuity for JLR. While the road to full recovery may take time, the steps taken by TCS and the support from the British government demonstrate a concerted effort to protect the integrity of JLR and its future operations.
Join our LinkedIn group Information Security Community!
