LNER A.I CyberSecurity Scoring
LNER
Company Information
Website:http://www.lner.co.uk
Employees number:1,113
Number of followers:38,968
NAICS:482
Industry Type:Rail Transportation
Homepage:lner.co.uk
LNER Risk Score (AI oriented)
Between 550 and 599
LNERRail Transportation
Updated:
09/03/2026
09/03/2026
575/1000
Very Poor
Ca
LNER Global Score (TPRM)
xxxx
LNERRail Transportation
Score locked

LNERVery Poor
Current Score
575Ca (VERY POOR)
01000
3 incidents
-68 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
589
JUNE 2026
587
MAY 2026
583
APRIL 2026
580
MARCH 2026
575
FEBRUARY 2026
574
JANUARY 2026
571
DECEMBER 2025
565
NOVEMBER 2025
624
Breach
11 Nov 2025 • LNER
LNER
Dentsu (Merkle) Data Breach Compromising LNER’s Customer Data
561
CRITICAL-63
LON0893608111125
LNER (London North Eastern Railway) experienced a data breach due to unauthorized access to files managed by its third-party supplier, Merkle (a subsidiary of Dentsu). The breach compromised customer contact details and some journey history, though no bank, payment card, or password data was exposed. LNER warned customers about potential unsolicited communications and paused some customer communications as a precaution. Meanwhile, Dentsu confirmed that the breach also affected its current and former employees, exposing sensitive data such as bank/payroll details, salaries, National Insurance numbers, and personal contact information. Dentsu engaged cybersecurity firms and law enforcement, offering affected employees credit and dark-web monitoring services. The incident remains under investigation, with notifications sent to impacted parties in compliance with legal requirements. The breach highlights vulnerabilities in third-party vendor security and the broader risks of supply-chain cyberattacks.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
699
Breach
16 Oct 2025 • LNER
LNER (London North Eastern Railway)
LNER Customer Data Breach via Third-Party Supplier
622
CRITICAL-77
LON5292952101625
LNER, a major UK train operator running services from London to Edinburgh, suffered a cybersecurity breach via a third-party supplier. Hackers gained unauthorized access to its customer communication database, stealing the names and email addresses of thousands of passengers. While no payment card details, passwords, or account information were compromised, the breach exposed customers to potential phishing and scam messages. The company’s core operations, including train services and ticketing, remained unaffected. LNER reported the incident to authorities (ICO, NCSC, British Transport Police, and the Department for Transport) and is working with the supplier to implement enhanced security measures. Customers were advised to stay vigilant against suspicious communications and maintain strong password practices. The breach follows a series of high-profile cyberattacks in the UK, including those on Jaguar Land Rover, Marks & Spencer, and Harrods.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
761
Breach
11 Sep 2025 • LNER
LNER (London North Eastern Railway)
Unauthorized Access to LNER Customer Details via Third-Party Supplier
697
CRITICAL-64
LON3852638100225
LNER, a UK government-owned rail operator, confirmed that an unauthorized third party accessed customer data via one of its suppliers. The breach exposed customer contact details and partial journey history, though no financial (bank/payment card) or password information was compromised. The stolen data could be weaponized for targeted phishing or follow-on identity-based attacks, as warned by LNER and cybersecurity experts. While the immediate impact is limited to non-critical personal information, the incident highlights risks tied to third-party vendor vulnerabilities. LNER advised customers to remain vigilant against unsolicited communications but did not mandate password resets, emphasizing general password hygiene as a precaution. Security analysts stressed the need for organizations to map data flows to third parties and deploy identity threat detection to mitigate risks from such exposures.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
AUGUST 2025
761
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for LNER ??
What was LNER's A.I Rankiteo Cyber Score in June 2026 ??
What was LNER's A.I Rankiteo Cyber Score in May 2026 ??
What was LNER's A.I Rankiteo Cyber Score in April 2026 ??
What was LNER's A.I Rankiteo Cyber Score in March 2026 ??
What was LNER's A.I Rankiteo Cyber Score in February 2026 ??
What was LNER's A.I Rankiteo Cyber Score in January 2026 ??
What was LNER's A.I Rankiteo Cyber Score in December 2025 ??
What was LNER's A.I Rankiteo Cyber Score in November 2025 ??
What was LNER's A.I Rankiteo Cyber Score in October 2025 ??
What was LNER's A.I Rankiteo Cyber Score in September 2025 ??
What was LNER's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on LNER's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with LNER ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view LNER's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?