LNER warns customers to be “cautious” after cyber-attack exposes passenger details
Posted: 11 September 2025 | Global Railway Review | No comments yet
Train operator LNER has confirmed a cyber-attack at a third-party supplier exposed some passenger data, urging customers to stay vigilant.
Credit: Patriot O.A / Shutterstock.com
London North Eastern Railway (LNER) has urged passengers to be on alert after revealing that some customer details and journey records were accessed in a cyber-attack at a third-party supplier.
The breach, which did not affect LNER’s ticketing or scheduling systems, involved unauthorised access to files containing passenger contact information and records of previous journeys. The operator emphasised that the cyber-attack did not compromise any bank details, card payment data, or passwords.
In a statement, LNER said:
We have been made aware of unauthorised access to files managed by a third-party supplier, which involves customer contact details and some information about previous journeys. Importantly, no bank, payment card or password information has been affected.
We are treating this matter with the highest priority and are working closely with experts and with the supplier to understand what has happened and to make sure appropriate safeguards are in place. We will provide further updates as more information becomes available.”
The state-owned operator runs intercity services along the East Coast Main Line between London, Yorkshire, the North East and Scotland. It confirmed that services continue to operate as normal, although passengers arriving into London still face the impact of ongoing underground strikes.
The operator advised customers to be “cautious of unsolicited communications, especially those asking for personal information” and not to respond if in doubt. The operator added that customers did not need to contact their banks, as the supplier involved in the breach did not hold any financial or password data.
LNER is working closely with the Information Commissioner’s Office (ICO), the UK’s independent data protection regulator, as it determines whether the cyber-attack must be formally reported under GDPR. In previous cases, regulators have fined organisations that failed to implement adequate safeguards, underscoring the need for a swift and thorough response.
For further information or queries, LNER asks passengers to contact them at [email protected].
Stay Connected with Global Railway Review — Subscribe for Free!
Get exclusive access to the latest rail industry insights from Global Railway Review — all tailored to your interests.
✅ Expert-Led Webinars – Gain insights from global industry leaders
✅ Weekly News & Reports – Rail project updates, thought leadership, and exclusive interviews
✅ Partner Innovations – Discover cutting-edge rail technologies
✅ Print/Digital Magazine – Enjoy two in-depth issues per year, packed with expert content
Choose the updates that matter most to you. Sign up now to stay informed, inspired, and connected — all for free!
Thank you for being part of our community. Let’s keep shaping the future of rail together!
Related topics
Cyber-Security, Digitalisation, Operational Performance, Passenger Experience/Satisfaction, Regulation & Legislation, Security & Crime Management
