What personal information was compromised in the LNER breach?

The compromised information includes customer contact details such as names, phone numbers, and email addresses, along with journey information from previous trips and travel history records.

How did the LNER data breach occur?

The breach occurred through unauthorized access to customer data that was managed by an unidentified third-party supplier working with LNER. The specific details of how the unauthorized access happened have not been disclosed.

How many LNER passengers were affected by the data breach?

The number of affected individuals has not been disclosed by LNER.

Should I be concerned about phishing attempts after the LNER breach?

Yes, since contact details including email addresses and phone numbers were compromised, there is a risk of phishing attempts. Be particularly cautious of any unsolicited emails, texts, or calls claiming to be from LNER or other organizations asking for personal information.

Was financial information compromised in the LNER data breach?

Based on the information disclosed, the breach appears to have been limited to customer contact details and travel history records. There is no indication that financial information such as payment card details were compromised.

Who was the third-party supplier involved in the LNER breach?

LNER has not identified the third-party supplier involved in the data breach. The supplier was managing customer data on behalf of LNER when the unauthorized access occurred.

How can I protect myself after the LNER data breach?

Be cautious of unsolicited communications asking for personal information, verify any communications claiming to be from LNER by contacting them directly through official channels, monitor your accounts for suspicious activity, and report any suspicious communications to LNER and relevant authorities.

Will LNER notify affected passengers directly?

While LNER has not specifically detailed their notification process, they have publicly disclosed the breach and are advising all passengers to be cautious of unsolicited communications. Passengers should monitor official LNER communications channels for updates.

Incident

UK Railway operator LNER reports cyberattack compromising passenger details and journey records

Q: What is LNER and what services do they operate?

LNER (London North Eastern Railway) is a state-owned train operator that runs intercity services on the East Coast Main Line between London and Scotland, providing passenger rail services across this major UK transport corridor.

Q: What is LNER doing in response to the data breach?

LNER says it is treating the matter with the highest priority and is working closely with experts and the supplier to understand what happened and make sure appropriate safeguards are in place to prevent future incidents.

Q: What advice is LNER giving to affected passengers?

LNER is advising passengers to be cautious of unsolicited communications, especially those asking for personal information, and if in doubt, do not respond to such communications.

published: Sept. 10, 2025

Learn More

London North Eastern Railway (LNER), the state-owned train operator running intercity services on the East Coast Main Line between London and Scotland, reports a data breach affecting passenger information.

The incident involved unauthorized access to customer data managed by an unidentified third-party supplier, exposing contact details and travel history information from the company's passenger database.

The compromised information includes:

Customer contact details (names, phone numbers, email addresses)
Journey information from previous trips
Travel history records

The number of affected individuals is not disclosed.

LNER said it is treating the matter with the highest priority and is working closely with experts and the supplier to understand what happened and make sure appropriate safeguards are in place.

LNER is advising passengers to "be cautious of unsolicited communications, especially those asking for personal information" and "if in doubt, do not respond."

UK Railway operator LNER reports cyberattack compromising passenger details and journey records

Read More
Wisconsin medical institutions report impact on Medicare users …
Aristocrat reports MOVEit related data breach
Clearwater Credit Union reports MOVE-IT related data breach
South Carolina State University reports data breach, employees …
Capitol Federal customers impacted by MoveIT related data …