A recent data breach could have exposed customer, client and employee information – including that of LNER passengers. Has your data been compromised?
Join the Claim isn’t a law firm. We connect you with regulated UK firms that run group action claims. If one of our partner firms takes this case forward, we’ll share more details, including how to check your eligibility.
Register your interest
Overview
Global marketing giant Dentsu has confirmed a data breach affecting the systems of its UK division Merkle, potentially exposing the personal and financial details of current and former employees.
Early findings show that files containing bank and payroll details, salary information, National Insurance numbers, and contact details were taken from Dentsu’s servers. The company says there’s no evidence so far that this data has been published online.
However, payroll and financial data is among the most sensitive information a company holds, and if it falls into the wrong hands, the consequences can be devastating, leading to identity theft, fraud, or long-term financial harm.
While Dentsu’s investigation initially focused on employee information, new reports suggest that some client and customer data may also have been affected. This includes the recent breach at train operator LNER, whose customer communications supplier is believed to be linked to Merkle.
If it’s confirmed that Dentsu failed to adequately protect employee data or customer data, those affected could be entitled to compensation under UK data protection law.
We are monitoring the situation closely. Register your interest today and we will keep you updated if one of our regulated UK partner law firms is able to take this claim forward.
Dentsu data breach – At a glance
Why register with Join the Claim?
Join the Claim is bringing people together — uniting those who want answers, accountability and stronger data protections from the companies they trust.
Staying informed is the first step towards change. By registering alongside others affected, you’re showing that people expect better. And that when something goes wrong, they want to see it put right.
What do we know about the Dentsu data breach?
How Join the Claim works
Take a moment to answer a few simple questions so we can understand your connection and keep you updated.
Share your details so we can keep you informed if any updates become available.
If a partner law firm takes this claim forward, we’ll let you know the next steps and how to join.
Latest updates on the Dentsu data breach
November 2025
Dentsu issues a public statement confirming the nature and scope of the data exposed, stating that files taken from its Merkle network included payroll, bank, and contact details of current and former UK employees.
Around the same time, reports emerged linking the breach to a separate incident involving LNER’s customer communications supplier, which is understood to operate within Dentsu’s Merkle network.
October 2025
The data breach is first reported by the press.
We’ll provide more updates on the data breach claim as they occur.
Are you affected by the Dentsu data breach?
Dentsu is contacting all affected employees and former employees to let them know. Customers of other companies may also be affected. Register to stay updated and we’ll let you know if a partner law firm takes this claim forward.
Frequently asked questions about the Dentsu data breach
Yes. Dentsu has confirmed a data security incident affecting its UK operations through its marketing division, Merkle. The company detected unusual activity on its servers and has since contained the breach, launched an investigation, and notified the ICO, NCSC and law enforcement.
The breach primarily involves current and former employees of Dentsu’s UK operations, including its marketing division Merkle.
However, independent media reports suggest that some client and customer data may also have been affected. This includes the recent LNER customer communications breach, which is believed to be linked to the same supplier network. Dentsu has not confirmed whether any client or customer data was accessed, and its investigation remains ongoing.
The company has contacted those whose data may have been compromised and is offering a free 12-month membership to Experian Identity Plus, which provides credit and dark-web monitoring.
At this stage, the breach itself occurred within the systems of Dentsu’s marketing division, Merkle — a third-party supplier used by several major UK companies, including LNER, to manage customer communications. While LNER was not directly breached, it has confirmed that some customer data was accessed through the supplier’s compromised network. Under UK data protection law, both the data controller (LNER) and the data processor (Dentsu/Merkle) share responsibility for protecting personal information. If it’s found that Dentsu or its partners failed to apply adequate security measures, affected customers may have grounds to seek compensation for any loss or distress caused.
If it’s confirmed that Dentsu failed to protect employee and/or customer data in line with UK data protection law, those affected could be eligible for compensation. Join the Claim will continue to monitor the situation and update affected individuals as more details emerge.
We are not a law firm. Our role is to keep people informed about potential group actions if one of our regulated UK partner law firms is able to take this claim forward.
By registering, you’ll stay up to date with any developments — from investigations to possible legal action.
No. Registering simply means you’ll receive updates. If a law firm later takes on the case, you’ll be given the option to learn more about the process and any potential costs before deciding whether to take part.
A group action claim allows people affected by the same issue to take action together. This strength in numbers helps stand up to big organisations. Join the Claim helps connect people with law firms so these actions have a real impact.
You might also like
We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.
Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.
Join the Claim is a registered trading name of Big on Media ltd. Big on Media is registered in the United Kingdom under licence number 09878028 with its registered office located at Big on Media, 32 Eyre Street, Sheffield, England, S1 4QZ
© Join the Claim All Rights Reserved | 2025
