Production issues at Jaguar Land Rover's Halewood plant, caused by a targeted cyber hack earlier this week, will last until at least Tuesday, it has been reported.

Workers have been told not to return to work until 9 September, the Liverpool Echo reports. Production at the site is understood to have been halted since 1 September.

It follows a cyber attack in which hackers claimed to have exploited a flaw in the British car maker’s IT system.

A notice sent to Halewood workers on 4 September stated: "Friday September 5 and Monday September 8: the leadership team has agreed that production associates will be stood down and will have hours banked in line with the corridor agreement.

"All colleagues are required to attend work as normal on Tuesday September 9 unless informed otherwise.”

Autocar understands the Solihull plant, where the Range Rover and Range Rover Sport are built, is also affected. JLR wouldn’t comment on the claims.

In an effort to combat the hack, JLR said it began “shutting down our systems” on Tuesday and is now in the process of rebuilding them. JLR was unable to confirm a timescale for the fix.

The issues are also affecting dealers, who are unable to order parts, can't code parts they do have to cars, and are unable – in some instances – to complete customer handovers.

In addition, they are having to manually register vehicles. This involves phoning the DVLA in each instance. Despite the shutdown, the brand has registered almost 6000 models this week.

Autocar first reported the issues affecting JLR on 1 September, when dealers couldn't register new cars on 'new plate day' , traditionally one of the year's busiest for registrations.

JLR's public-facing website appears to be fully operational, including the car configurator.

Who has claimed responsibility?

On 3 September, Scattered Spider – the group that hacked Marks & Spencer in May, causing seven weeks of disruption and costing £300 million in lost operating profit – claimed responsibility for the attack on JLR.

Along with fellow hacking group Shiny Hunters, it claims to have obtained customer data after exploiting a similar flaw in JLR’s IT system, The Telegraph reports.

The claim was made on a Telegram messenger group, where a user linked to the hackers posted a screenshot of what appeared to show JLR's internal system.

A member of the group told The Telegraph that a well-known flaw in SAP Netweaver - third-party software used by JLR - was exploited to access the data.

US cyber agency CISA warned about the flaw earlier this year. An update for the software was released, but whether JLR applied it is unknown.

It's also not known what data was taken or if a ransom demand has been made. 

JLR told Autocar in a statement on 3 September that “there is no evidence any customer data has been stolen”.

​According to The Telegraph, the hacking groups are believed to be made up of teenagers from English-speaking countries.