Jaguar Land Rover (JLR) suffered a damaging cyberattack at the end of last month that forced it to shutter many of its production lines around the world. And theyre still not up and running yet.

The automaker, which is owned by Indias Tata Motors, has now revealed that the hackers may have stolen data in the cyberattack, though it added that so far its investigations indicate that no customer information has been affected.

Recommended Videos The cyberattack targeting JLRs IT systems took place on August 31, with the automaker sharing news of the incident on September 2.

But it added that it now believes some data has been affected Our forensic investigation continues at pace and we will contact anyone as appropriate if we find that their data has been impacted.

JLR maker of popular vehicles such as the Range Rover, Land Rover Defender, and Jaguar I-Pace said its very sorry for the continued disruption this incident is causing and we will continue to update as the investigation progresses.

Related: Jaguar Land Rover, Nissan hit the brake on shipments to U.S. over tariffs At least six JLR production plants three in the U.K. and three overseas have stopped their production lines, with thousands of workers sent home until further notice. Some news reports have said that the U.K. plants arent expected to get back online until Thursday at the earliest, though other reports suggested the factories, which collectively produce around 1,000 vehicles a week, might not start again until early next week.

Last week, a group of hackers claimed responsibility for the JLR cyberattack, posting a screenshot purporting to show the companys internal IT systems.

The group is reportedly a collaboration between three English-speaking hacker groups: Scattered Spider, Lapsus$, and ShinyHunters.

Some of them have been accused of attacks on a number of high-profile U.K retailers this year, and four people were arrested in July in connection with those cyberattacks. Police investigations are ongoing.