Cyber Attack Exposes LNER Train Passengers’ Personal Data

London North Eastern Railway (LNER) has confirmed that an unauthorized breach at one of its third-party suppliers exposed contact details and travel histories of some passengers.

No banking or password data were involved. The company says it is treating the incident with the highest priority and is working with experts to secure customer information.

What Happened and What Was Affected

On Wednesday, 10 September 2025, LNER discovered that files managed by a contractor had been accessed without permission.

These files contained names, email addresses, phone numbers, and records of previous journeys. The supplier maintains ticketing and customer communications systems on LNER’s behalf.

LNER stressed that no financial information—such as bank details or payment card numbers—was included in the breach. Passwords and login credentials were also unaffected.

The operator has engaged a leading cybersecurity firm to investigate the breach’s scope, determine how the unauthorized access occurred, and ...