PA MediaTrain operator LNER said passengers’ contact details and some information about past journeys have been accessed in a cyber attack.
The Government-owned organisation, which runs services on the East Coast Main Line between London and Scotland, said in a statement it was “made aware of unauthorised access to files managed by a third-party supplier”.
It stated that “no bank, payment card or password information has been affected”.
The statement added: “We are treating this matter with the highest priority and are working closely with experts and with the supplier to understand what has happened and to make sure appropriate safeguards are in place.
“We will provide further updates as more information becomes available.”
LNER is urging passengers to be “cautious of unsolicited communications, especially those asking for personal information”.
The operator said the third-party supplier involved “does not have access to password data” but it is “always good practice to maintain a secure password and to change passwords regularly”.
Transport for London (TfL) suffered a major cyber attack in September last year, which involved the bank account numbers and sort codes of around 5,000 customers being accessed.
The hack resulted in TfL restricting its online services for several weeks.
Passengers were prevented from viewing some live travel information and viewing their journey history for trips paid for by contactless cards.
Follow STV News on WhatsApp
Scan the QR code on your mobile device for all the latest news from around the country
