Play.com, the UK-based online music and video seller, has suffered a major security breach, with the names and e-mail addresses of customers exposed by a third-party marketing firm used by the company.
Customers were alerted to the breach by an e-mail from Play.com late last night.
"We are emailing all our customers to let you know that a company that handles part of our marketing communications has had a security breach. Unfortunately this has meant that some customer names and email addresses may have been compromised."
The company disclaimed all responsibility for the breach, blaming it on the unnamed third party. While it made no mention specifically of credit card details, the message suggested that buyers' financial information remained safe:
"We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved."
The e-mail went on to advise customers who receive anything suspicious in their email not click on any links, and to forward the email to firstname.lastname@example.org for the company to investigate.
The leak comes a day after spammers were revealed to have accessed user details at BitTorrent tracker site The Pirate Bay.