Supply chain [SC] Supply Chain

London North Eastern Railway (LNER) Third-Party Breach (September 2025)

2025-09-01 [vendor] Third-party vendor
Primary Source ↗

Incident Details

In 2025, London North Eastern Railway (LNER) experienced a data security incident via a third-party vendor relationship. The compromised third-party vendor was Third-party vendor. Source reporting: https://www.lner.co.uk/news/lner-media-update-data-information/

Technical Details

Initial Attack Vector
Compromise of third-party service provider / vendor relationship
Vendor / Product
Third-party vendor
Supply Chain Attack
✅ Confirmed third-party / vendor compromise

Timeline

  1. 2025-09-01 Breach occurred
  2. 2025-09-01 Publicly disclosed