LNER confirms passenger details accessed in data breach

London North Eastern Railway (LNER) has confirmed that some customer details were exposed during a recent cyber security incident linked to one of its third-party suppliers. 

The breach, which took place on 8 September 2025, involved unauthorised access to a supplier’s network responsible for managing LNER’s customer communications. The company has since begun contacting affected passengers directly. 

The incident adds to a growing list of data breaches across UK transport and infrastructure companies this year, raising questions about how safely passenger data is being shared and stored by contractors. 

What information was exposed?

According to LNER, the data accessed included customer names and email addresses. The firm says no passwords, bank details or payment card information were compromised, and ticketing systems remain secure. 

In an email to affected customers, LNER stated that it has been working with independent security experts to investigate the breach and strengthen its defences. 

However, the company urged vigilance, warning that those impacted should stay alert to the risk of phishing emails or scam messages that appear to come from LNER.  

“Emails from LNER will always end in @lner.co.uk or @email.lner.co.uk,” the company said. “If you’re in doubt, don’t click on any links or attachments, and contact us directly at [email protected].”

How did the breach happen?

The attack was traced back to a supplier managing LNER’s customer database, where hackers gained unauthorised access to network systems. The incident highlights the growing risk of third-party breaches, where vulnerabilities in a supplier’s systems are exploited to access data held by large organisations. 

LNER says it has now introduced enhanced security controls and is working closely with the supplier to minimise the risk of similar incidents happening again. 

Under the UK GDPR, companies that share customer data with third-party providers remain legally responsible for how that data is handled. This includes ensuring those suppliers have appropriate security and compliance measures in place. If they don’t, the organisation that collected the data — in this case LNER — could still be held accountable. 

What passengers should do

If you’ve received an email from LNER confirming your details were affected, you should: 

  • Be cautious of emails claiming to be from LNER or related services 
  • Avoid clicking links or downloading attachments unless you’re certain they’re legitimate 
  • Change passwords regularly, particularly if you use the same one across multiple sites. 
  • Report suspicious emails to the National Cyber Security Centre’s reporting service at [email protected]. 

Even when financial details aren’t exposed, stolen names and emails can still be used for targeted scams, especially when combined with data from previous breaches. These details can help fraudsters impersonate trusted companies or craft convincing phishing attempts. 

You can find more tips on how to stay safe after a data breach in our handy guide.  

Holding organisations accountable

Incidents like this highlight how vulnerable consumers remain when companies rely on external suppliers to manage their data. While no financial details were involved this time, the exposure of personal information still represents a serious breach of trust. 

Speaking on Reddit, one user said:  

If your information was exposed in this breach and LNERfailed to meet its data protection obligations, you may have grounds to join a data breach claim.  

FInd out more

Join the Claim connects consumers with SRA-regulated lawyers. Keep an eye out for updates on any potential claim and possible eligibility checks/registration opportunities.

This information is for general guidance only and does not constitute legal or financial advice.

You may also like:

  • Environment, News, Vehicle

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.
  • Data Breach, Financial, News

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.
  • News, Vehicle

Jaguar Land Rover DPF claims vs. dieselgate: What you need to know

Confused about Jaguar Land Rover DPF claims vs. Dieselgate? Learn the key differences, legal actions, and how to check if you qualify for compensation.

Latest news & insights

Warning road sign against a stormy sky saying Scam Alert
Scam alert update: April 2026
Stay alert this April with the latest scam warnings from Join the Claim
Smartphone on surface showing Google Play logo. Google Play is an app store.
What the Google Play Store claim means for UK users
Used the Google Play Store on an Android device between 2015 and 2024? Here’s what the UK claim against Google means for you.
Diagonal test tubes with blood with blue lids ready for test. Concept of medicine and science. 3d rendering
UK Biobank breach: can anonymised health data be traced back to you?
 UK Biobank says the leaked data was anonymised — but experts warn it may still be identifiable. Here’s why that matters.
A scientist in a white lab coat looks through a microscope in a laboratory. Another person is seen working in the background. The scene shows a busy research environment with equipment.
UK Biobank data listed for sale: what happened and what it means
 Health data from 500,000 UK Biobank participants was listed for sale online. Here’s what was exposed, what wasn’t, and why it matters.
Woman using Booking.com app
Booking.com scams explained: what “reservation hijacking” means for travellers
  A data breach at Booking.com is now being linked to a rise in so-called “reservation hijacking” scams. Here’s how to protect yourself.
employee and colleagues brainstorming how to fix employee data breach affecting systems
Employee data breaches are rising: what it means for your data
Employee data breaches are increasing across the UK. Here’s what’s happening & what it means for your personal information.
Man using smartphone to cancel subscription on digital app interface. Unsubscribe from online service membership or payment plan.
New laws will make it easier to cancel subscriptions and get refunds
New UK laws will make it easier to cancel subscriptions and get refunds. Here’s how subscription traps are being tackled.
AI concept Artificial Intelligence technology circuit motherboard chip computer
The dangers of AI: what consumers need to know
From data misuse and deepfakes to harmful content and bias, learn how AI can go wrong and what it means for your rights in the UK.
woman use booking app, booking com logo on the screen
Booking.com data breach: what travellers need to know
Booking.com has confirmed a data breach affecting customer booking details. Here’s how to protect yourself.
What claims should be on your radar in April 2026?
Several major compensation claims are developing in the UK this spring, including cases involving Apple, Amazon, Steam and major data breaches.
Rightmove website on the display of PC
Rightmove £1.5bn claim filed: what estate agents need to know
A £1.5bn legal claim has been filed against Rightmove, accusing the property giant of charging excessive fees to estate agents. Here’s what’s happening and what it could mean.
Hands, phone and person in home with scrolling, social media
Meta blocks ads linked to social media addiction lawsuits
Meta has removed adverts from law firms seeking clients for social media addiction lawsuits, following recent legal setbacks in the US.
There is wood cube with the word Opt out. It is as an eye-catching image.
Opt-out collective actions could add billions to the UK economy
Join the Claim is bringing together major UK opt-out collective actions so consumers can check what claims exist and whether they could be affected.
There is notebook with the word Opt out. It is as an eye-catching image.
How opt-out collective actions work in practice
Opt-out collective actions allow millions of consumers to be represented in a single competition law case. Learn how UK opt-out claims work, from certification to compensation.
What is dieselgate, and how does it affect drivers in the UK?
The global ‘dieselgate’ scandal started back in 2015, when the US Environmental Protection Agency discovered Volkswagen Group had been selling cars with illegal emissions-cheating software. The software could detect when a vehicle was undergoing emissions…
View all news

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a registered trading name of Big on Media ltd. Big on Media is registered in the United Kingdom under licence number 09878028 with its registered office located at Big on Media, 32 Eyre Street, Sheffield, England, S1 4QZ

© Join the Claim All Rights Reserved |

2026
Go to claims