Particle.news

Download on the App Store

LNER Confirms Supplier Breach Exposing Passenger Contact and Journey Data

Security experts warn the exposed details could be weaponized for targeted phishing.

Overview

  • The state-owned operator says no bank, payment card or password information was affected, and ticketing and train services continue as normal.
  • LNER attributes the incident to unauthorised access at an unnamed third-party supplier and has not disclosed how many customers are impacted.
  • The company says it is treating the case as a priority, working with external cybersecurity specialists and engaging with the supplier.
  • Customers are urged to be wary of unsolicited messages requesting personal information, with LNER advising vigilance against phishing and no need to contact banks.
  • Reports indicate LNER has contacted the Information Commissioner's Office as part of the ongoing review, reflecting wider supply‑chain threats facing UK transport and major firms.