LNER has been hacked, it emerged this afternoon (Wednesday).
The York-based train operator said passengers’ contact details and some information about past journeys have been accessed in a cyber attack.
The Government-owned organisation, which runs services on the East Coast Main Line between London and Scotland, said in a statement it was “made aware of unauthorised access to files managed by a third-party supplier”.
It stated that “no bank, payment card or password information has been affected”.
The statement added: “We are treating this matter with the highest priority and are working closely with experts and with the supplier to understand what has happened and to make sure appropriate safeguards are in place.
“We will provide further updates as more information becomes available.”
LNER is urging passengers to be “cautious of unsolicited communications, especially those asking for personal information”.
The operator said the third-party supplier involved “does not have access to password data” but it is “always good practice to maintain a secure password and to change passwords regularly”.
What customers should do
LNER has issued this Q&A for customers worried about their data.
What should I do?
Please be cautious of unsolicited communications, especially those asking for personal information. If in doubt, do not respond.
Do I need to inform my bank?
No. The third-party supplier involved does not have access to bank or payment card information.
Does this impact on buying tickets or travelling?
No. Our ticket sales and train operations are entirely unaffected.
Do I need to change my password?
The third-party supplier involved does not have access to password data. It is always good practice to maintain a secure password and to change passwords regularly.
What if I want more information or have a question?
You can contact LNER at [email protected]
