LNER Cyberattack: Passenger Data Breach Impacts East Coast Services

LNER faces cyber attack, exposing passenger data at a third-party supplier. No financial details compromised. Customers advised to remain vigilant.

LNER Cyberattack: Passenger Data Breach Impacts East Coast Services
September 13, 2025 1:13 am
A+
A-

“`html

Introduction

LNER, a state-owned train operator, has reported a cyber-attack at a third-party supplier that exposed passenger data, prompting the company to advise customers to remain vigilant. The breach, which occurred without affecting LNER’s ticketing or scheduling systems, involved unauthorized access to files containing customer contact details and journey records. LNER has stated that no bank details, payment card data, or passwords were compromised in the incident.

Customer Data Exposure

Details of the Breach

LNER announced that a cyber-attack at a third-party supplier resulted in the exposure of some passenger data. The accessed files contained customer contact information and records of previous journeys. The operator clarified that no bank details, card payment data, or passwords were affected by the breach.

LNER’s Response

LNER confirmed that it is treating the matter with “the highest priority” and is collaborating with experts and the supplier to assess the situation and implement appropriate safeguards. The operator has stated that it will provide further updates as more information becomes available. Services continue to operate as normal despite the incident, although passengers arriving into London still face the impact of ongoing underground strikes.

Customer Advisory

The operator has advised customers to be cautious of unsolicited communications, especially those requesting personal information. Customers are urged not to respond to suspicious communications. LNER has also stated that customers do not need to contact their banks, as the supplier did not hold any financial or password data.

Regulatory Oversight

LNER is working closely with the Information Commissioner’s Office (ICO), the UK’s independent data protection regulator. The operator is determining whether the cyber-attack must be formally reported under GDPR.

Last June 2025, we published an article about Renfe’s new cutting-edge Aranjuez maintenance hub, boosting Cercanías efficiency. Click here to read – Future of Rail: Renfe’s Railway Technology Hub, Aranjuez: Essential Guide

Conclusion

LNER confirmed that a cyber-attack at a third-party supplier exposed passenger data, including customer contact details and journey records, while assuring that no financial data or passwords were compromised. The operator is working with experts and the ICO and advising customers to be cautious of unsolicited communications.

Company Summary

LNER is a state-owned train operator running intercity services along the East Coast Main Line between London, Yorkshire, the North East and Scotland.

“`