What can we learn from recent cyberattacks? (Asahi, JLR & Harrods)

In 2025, we have seen an influx of large, well-known companies falling victim to cyber incidents. To help you prepare for and understand these cyber risks, we’ve gathered three of the latest cyber-attacks that have made the headlines: the disruption at Japanese brewery Asahi, the severe attack on Jaguar Land Rover, and the data breach involving Harrods via a third-party supplier.

Though these are large organisations, the challenges they faced and the lessons they offer are directly relevant to smaller businesses. In an environment where attackers increasingly target operational systems and supply chains, every SME should be taking notice.

Jaguar Land Rover

At the end of August, Jaguar Land Rover (JLR) suffered a serious cyber incident that forced it to suspend key IT systems and halt production in multiple plants across the UK. The company later began a phased restart of manufacturing, but the damage was already done: weeks of downtime, severed communications with suppliers, and reports of severe financial losses.

Many of JLR’s suppliers, in some cases SMEs themselves, were unable to deliver parts or receive payment. Moreover, it surfaced that JLR had not finalised cyber insurance coverage when the breach occurred, exposing it to even more downside risk.

This incident underscores one of the greatest vulnerabilities for SMEs: your business may be collateral damage in a larger attack. No matter where you are in a supply chain, you could be at risk.

What you can learn from this:

• Take time to review your cybersecurity insurance and make sure your coverage is active, the questionnaire has been completed accurately, and the level of protection reflects the true scale and risk profile of your business.
• Don’t wait for an incident to discover gaps in your policy.

Asahi

In late September, Asahi Group Holdings announced that its Japanese operations were hit by a major cyberattack, which led to a system failure that affected ordering, shipment, and customer service systems. Although production lines themselves were reportedly not physically damaged, with systems down, they could not process orders or dispatch goods. Over several days, many of Asahi’s factories remained idle, and the company resorted to manual order processing in some parts to maintain limited service.

Asahi’s official disclosures stressed that no customer data had been confirmed stolen at the time, and that the attack was contained to their Japanese operations. The incident also delayed new product launches.

For an SME, the Asahi case is a stark reminder that when your systems (especially order/fulfilment, logistics, or customer service) go down, your business can grind to a halt.

What you can learn from this:

• Business continuity is just as critical as data security. Make sure you’ve documented and protected all critical systems, with a recovery plan, secure backups in place, and regular testing to ensure those backups work when you need them most.

Harrods

In September, Harrods warned customers that personal data (names and contact details) had been exposed following a breach of a third-party provider. Harrods clarified that passwords and payment information were not compromised and that its own internal systems had not been breached. The number of affected records was reported to be around 430,000.

This was Harrods’ second notable cyber incident in six months, illustrating how persistent the threat is and how attackers often target supply chains and service providers.

For SMEs relying on outsourced services, such as managed IT, cloud apps, marketing platforms, payment processors etc, Harrods’ experience is a warning: you may not be the weak link, but you could be working with a victim.

What you can learn from this:

• Your cybersecurity is only as strong as your partners’.
• Regularly review your service providers and supply chain, ensuring they meet your security standards.
• Use supplier cybersecurity questionnaires, limit third-party access to essential systems and data, and build clear accountability into your contracts.

What SMEs Should Learn

When we look at incidents such as these, it’s clear to see a pattern. Cyberattacks increasingly aim not just at stealing data, but at disrupting operations. Attackers have realised that forcing a system-wide outage or halting manufacturing often imposes greater leverage.

As an SME, you must think of cybersecurity not as a cost but as insurance for continuity and survival. You need to anticipate disruption and ensure that your business can survive even when key systems fail. You need to understand who you rely on (vendors, suppliers, service providers, IT partners) and demand resilience from them too. You need to prepare communication strategies with your customers and staff so that if a breach does occur, everybody knows what to do.

How can we help?

Here at Morgan & Morgan, we believe cybersecurity should empower organisations, not scare them. Our role is to help businesses understand their unique risk landscape and put proactive, sustainable defences in place.

If you’d like us to review your current setup or walk you through the services we offer, we’d be happy to help. You can get in touch with our team on 01269 842242 or by filling in this form.

‍