LNER warns customers to be “cautious” after cyber-attack exposes passenger details
Posted: 11 September 2025 | Global Railway Review | No comments yet
Train operator LNER has confirmed a cyber-attack at a third-party supplier exposed some passenger data, urging customers to stay vigilant.
Credit: Patriot O.A / Shutterstock.com
London North Eastern Railway (LNER) has urged passengers to be on alert after revealing that some customer details and journey records were accessed in a cyber-attack at a third-party supplier.
The breach, which did not affect LNER’s ticketing or scheduling systems, involved unauthorised access to files containing passenger contact information and records of previous journeys. The operator emphasised that the cyber-attack did not compromise any bank details, card payment data, or passwords.
In a statement, LNER said:
We have been made aware of unauthorised access to files managed by a third-party supplier, which involves customer contact details and some information about previous journeys. Importantly, no bank, payment card or password information has been affected.
We are treating this matter with the highest priority and are working closely with experts and with the supplier to understand what has happened and to make sure appropriate safeguards are in place. We will provide further updates as more information becomes available.”
The state-owned operator runs intercity services along the East Coast Main Line between London, Yorkshire, the North East and Scotland. It confirmed that services continue to operate as normal, although passengers arriving into London still face the impact of ongoing underground strikes.
The operator advised customers to be “cautious of unsolicited communications, especially those asking for personal information” and not to respond if in doubt. The operator added that customers did not need to contact their banks, as the supplier involved in the breach did not hold any financial or password data.
LNER is working closely with the Information Commissioner’s Office (ICO), the UK’s independent data protection regulator, as it determines whether the cyber-attack must be formally reported under GDPR. In previous cases, regulators have fined organisations that failed to implement adequate safeguards, underscoring the need for a swift and thorough response.
For further information or queries, LNER asks passengers to contact them at [email protected].
OUT NOW: The Definitive Guide to Rail’s Digital Future
The rail industry is undergoing a digital revolution, and you need to be ready. We have released our latest market report, “Track Insight: Digitalisation.”
This is not just another report; it’s your comprehensive guide to understanding and leveraging the profound technological shifts reshaping our industry. We move beyond the buzzwords to show you the tangible realities of AI, IoT, and advanced data analytics in rail.
Discover how to:
- Optimise operations and maintenance with real-time insights.
- Enhance passenger services through seamless, high-speed connectivity.
- Leverage technologies like LEO satellites to improve safety and efficiency.
Featuring expert analysis from leaders at Nomad Digital, Lucchini RS, Bentley Systems and more, this is a must-read for any rail professional.
Related topics
Cyber-Security, Digitalisation, Operational Performance, Passenger Experience/Satisfaction, Regulation & Legislation, Security & Crime Management
