As I know many people here book trains on LNER I have had an e-mail from them this morning concerning a data breach. It reads-
We are getting in touch from the LNER Data Protection Team to tell you that a personal data breach has taken place.
What happened
On 8 September 2025 we were told that one of our suppliers, who manages our customer communication database, had suffered a security incident. A third-party gained unauthorised access to the supplier’s networks and in the process gained access to customer data.
As a result of our investigation of the breach so far, we have concluded that the data included some personal information, specifically your name and email address.
No payment card details, passwords or your LNER account information were involved. Our ticketing systems remain safe, and you can continue to buy tickets from LNER as normal.
Because your name and email address were affected, it’s possible you will receive phishing or scam messages.
What we're doing
We are continuing to work closely with our supplier, who has engaged independent security experts, to put enhanced security controls in place to minimise the risk of this happening again. We have also taken the following measures to address the breach:
Reported the incident to the Information Commissioner’s Office on 9 September 2025;
Notified the National Cyber Security Centre (NCSC), British Transport Police (BTP) and the Department for Transport;
Paused certain communication channels temporarily as a precaution.
What you should do
Remain vigilant against phishing or scam attempts, including unexpected communications asking for personal or financial information.
Don’t click on links or download attachments in suspicious emails.
Be aware that phishing attempts may appear to come from LNER when they have not. Emails sent from LNER will end in @lner.co.uk or @email.lner.co.uk; threat actors may try to imitate this with similar characters, for example, using the number 1 instead of the letter L. You can contact us at [email protected] if you are in doubt about whether an email or message comes from LNER.
Although we understand that password information has not been affected, we also suggest that you maintain a secure password and change your password regularly. Remember that we will never ask you to provide us with your password.
Contact us-We have set up a dedicated mailbox - [email protected] - for questions about this incident. It goes directly to our Data Protection Officer, John.