London North Eastern Railway (LNER) has disclosed a data security incident involving unauthorized access to customer information stored by a third-party vendor.
While no financial or password data was compromised, contact details and journey histories were accessed.
According to an announcement published on the LNER website, the breach originated from a security lapse at an external service provider responsible for managing customer-related data. The compromised files include personal contact information and details of past travel activity; however, the company clarified that sensitive financial data, such as bank account details, card numbers, or login credentials, was not part of the breach.
LNER is currently working with cybersecurity experts and the affected supplier to investigate the scope of the breach and reinforce protective measures. As of now, the railway operator has not disclosed the number of impacted customers or the name of the third-party provider. However, they emphasized that train services and ticketing operations remain fully operational and unaffected by the incident.
Founded in 2018, LNER operates intercity rail services along the East Coast Main Line, connecting London with major cities such as Edinburgh, Leeds, and Newcastle. As one of the UK’s primary rail operators, it serves millions of passengers annually and relies on a network of digital systems and outsourced services to manage reservations, customer support, and loyalty programs.
In its public FAQ, LNER advises customers to be wary of phishing attempts, especially emails or messages requesting personal details. While there is no need to notify banks or change passwords due to the nature of the breach, the company reiterated that it’s good practice to maintain strong, regularly updated credentials. LNER has provided a dedicated contact address, datainfo@lner.co.uk, for customers seeking additional information.
Just one year ago, Transport for London (TfL) suffered a data breach affecting thousands of Oyster card users, exposing names, email addresses, home addresses, and even banking details linked to refunds. That attack, traced to a teenage suspect and investigated by the National Crime Agency, disrupted digital services and forced TfL to suspend certain operations temporarily.
Potentially impacted customers should remain vigilant for unsolicited communications referencing their recent travel history and avoid clicking on links or downloading attachments from unknown contacts. LNER account holders should reset their passwords out of an abundance of caution.
Leave a Reply