Cybersecurity has become an unexpected speed bump on the road to digitalizing the automotive industry.
Recent cyber attacks on Jaguar Land Rover and Stellantis have exposed how fragile the sector's ability is to deliver the customer experience it promises, both to consumers and to business clients across its sprawling supply chain.
Typically, the conversation in automotive CX centers on showroom experience, mobile apps, and increasingly, infotainment systems. But behind the scenes, a vast B2B ecosystem powers the industry: OEMs, Tier 1 suppliers, dealerships, fleet operators, and logistics partners all rely on secure digital infrastructure to manage their relationships and keep things moving.
These business customers expect seamless access to portals, real-time order tracking, and reliable service delivery. When a cyberattack hits, the effects reverberate through a vast B2B ecosystem, touching business partners whose operations depend on trust and uptime.
“The recent cybersecurity breaches at Jaguar Land Rover and Stellantis highlight the threats that can disrupt the modern automotive supply chain,” Jeff Collins, CEO of WanAware, told CX Today.
“These attacks underscore the significant vulnerabilities inherent in the industry’s vast web of interconnected software and service partners. Together they reveal a critical industry-wide exposure; the automotive ecosystem is not only susceptible to production-halting attacks on core manufacturing but also to data breaches through its extended digital supply chain, eroding confidence, necessitating a more holistic and collaborative security strategy.”
Stellantis stated on September 21 that it had recently detected “unauthorized access to a third-party service provider’s platform that supports our North American customer service operations.”
The personal customer information involved was limited to contact information, the company said. “Importantly, the affected platform does not store financial or sensitive personal information, and none was accessed.” Stellantis notified the appropriate authorities and informed affected customers directly.
The incident raised alarms about third-party risk and the fragility of integrated platforms that underpin B2B relationships.
Jaguar Land Rover faces a different kind of breach, the effects of which are still ongoing. The automaker was hit by a cyberattack in late August, which forced the company to shut down its IT networks and suspend production at its factories in the UK, Slovakia, Brazil and India.
The company initially said there was no evidence that customer data had been stolen, but later stated that “we now believe that some data has been affected.”
The impact of the attack was so extensive that the company halted production on September 1 and subsequently delayed its restart into October, a symptom of the increasingly interconnected and automated approach to car manufacturing that can make it difficult to isolate individual systems.
The disruption has spread far beyond JLR’s factory floors. Suppliers have reported cancelled orders and delayed payments, and dealers have been left unable to access parts ordering systems or complete customer transactions.
JLR set up a help desk for suppliers and has been trying to share information on the extent of its supply chain, which may include more than 700 companies manufacturing the 30,000 parts that can make up a luxury car, the Guardian reported.
For instance, JLR is the main customer of Autins, an automotive insulation supplier, and the production halt “has had a material effect” on its operations, the company stated in its trading update on September 17.
Cando Wango, National Cybersecurity Solutions Architect at AllCovered, the IT services division of Konica Minolta, told CX Today:
“It was startling to learn that Jaguar was brought to a complete standstill a full month after its breach, with projections of another month of downtime to follow—losses compounding without a clear resolution in sight.”
“It raised pressing questions: Had their incident response plan been tested? Were disaster recovery drills conducted? Were their recovery time objectives (RTOs) and recovery point objectives (RPOs) clearly defined? It is difficult to comprehend how an organization of such stature and history could be left so exposed.”
JLR announced a phased restart of its manufacturing operations starting at its facilities in the West Midlands, UK, as well as plants in Castle Bromwich, Halewood and Solihull, UK, and Slovakia. “Further updates on the next steps of the controlled, phased restart will follow,” the company said. This gradual return to production highlights the extent of disruption caused by the cyber attack, suggesting that the incident affected critical operational systems and supply chain coordination.
The Ripple Effect Across the Supply Chain
“Automotive manufacturers have become as much software as transportation companies, facing all the challenges inherent to software security,” according to a report by professional transport association SAE International.
While automakers still produce some equipment, their focus is increasingly on research and development, supply chain management, and final product assembly, all of which are managed by multi-layered software systems.
A staggering 84% of respondents to an SAE survey said that they were concerned cybersecurity practices are not keeping pace with evolving technologies in the industry, and 73% expressed concern about the cybersecurity posture of automotive technologies supplied by third parties. In addition, 63% test less than half of hardware, software, or other technologies for vulnerabilities.
Cyber attacks on automotive companies don’t just cause temporary headaches—they trigger a cascade of CX failures along the supply chain.
- Customer portals or connected vehicle services can be disrupted, affecting clients’ business operations and eroding trust.
- Suppliers and dealerships can lose access to key systems like inventory and order management, throwing off delivery schedules and service appointments.
- Missed service-level agreements (SLAs) and late deliveries can come with financial penalties, strained partnerships, and pressure to renegotiate contracts.
- Fleet managers and logistics companies depend on connected platforms for real-time tracking and diagnostics. If those systems are breached or go offline, fleets can be left in the dark.
- Businesses can suffer reputational damage if their clients perceive a lack of transparency or resilience in crisis response, prompting them to reconsider relationships.
“This incident also highlights broader industry and supply chain concerns. Is this an isolated case, or a warning sign of what’s to come?” Wango said. “If Jaguar’s experience is any indication that the automotive sector is a ‘glass house,’ then we may soon see more cracks—and eventually shattered glass. Threat actors are opportunistic; once they spot vulnerabilities, they move quickly to exploit them.”
Cybersecurity is no longer just an IT concern; it’s a core component of customer experience. Business clients want to know that their data is safe, their operations won’t be disrupted, and that contingency plans are in place.
Recovery is a CX Strategy
Jonathon Ellison, NCSC Director of National Resilience, highlighted in a recent blog post that beyond prevention, recovery hinges on preparation:
“The organizations that handle incidents best are the ones that have rehearsed them. They understand what they need to do to keep their operations going without some or all of their technology estate.”
Enterprises should know their IT systems inside and out, conduct impact assessments, define roles, establish communication plans, and regularly run incident response exercises.
The NCSC also highlights the importance of collaboration and transparency across industries. By participating in sector-wide information-sharing groups and being open about cyber incidents and lessons learned, organizations can collectively strengthen their resilience and better protect the wider business ecosystem.
Once a security breach has occurred, it is important that a company not simply breathe a sigh of relief and move on. Recovery involves more than patching systems. Rebuilding relationships requires transparent communication with affected partners, restoration of services and access as quickly as possible, and clear timelines and accountability.
And it is crucial that the company make long-term improvements in data governance and third-party oversight.
Stellantis made the right moves in the immediate aftermath of its attack: “Upon discovery, we immediately activated our incident response protocols, initiated a comprehensive investigation, and took prompt action to contain and mitigate the situation,” the automaker stated. “We encourage customers to remain vigilant against potential phishing attempts and avoid clicking on suspicious links or sharing personal information in response to unexpected emails, texts, or calls.”
This is key, as malicious actors that have customer data in hand can use it to conduct phishing and social engineering attacks, as well as identity theft.
Cybersecurity as a Differentiator
As automotive companies continue to digitize, from connected vehicles to cloud-based supply chains, cybersecurity will become a key differentiator in B2B CX. Vendors and OEMs that can demonstrate robust data protection, secure integrations and resilience in the face of threats will stand out.
“In my recent work with organizations across industries, one fact has become increasingly clear: cybersecurity is the defining challenge of our era,” Wango said.
A strong security posture must be comprehensive, coordinated, integrated, and continuously optimized. Just as importantly, organizations must ensure they are not seen as “low-hanging fruit” for attackers. Given the extensive dialogue in recent years around cyber resilience, it is astonishing that any enterprise could overlook these fundamentals so completely.
“I hope this serves as a wake-up call across industries: cutting corners on cybersecurity does not save money—it only accelerates risk and, ultimately, puts the future of the business at stake.”