Overview
- The state-owned operator says no bank, payment card or password information was affected, and ticketing and train services continue as normal.
- LNER attributes the incident to unauthorised access at an unnamed third-party supplier and has not disclosed how many customers are impacted.
- The company says it is treating the case as a priority, working with external cybersecurity specialists and engaging with the supplier.
- Customers are urged to be wary of unsolicited messages requesting personal information, with LNER advising vigilance against phishing and no need to contact banks.
- Reports indicate LNER has contacted the Information Commissioner's Office as part of the ongoing review, reflecting wider supply‑chain threats facing UK transport and major firms.