The personal details of up to 2.4 million customers may have been accessed after a division of Carphone Warehouse was hit by a cyber attack, the mobile phone retailer has said.
An investigation carried out by the company found that the data could have included names, addresses, dates of birth and bank details.
The company has said no Irish customers have been affected by the attack.
The encrypted credit card information of up to 90,000 customers may also have been accessed, a statement released by the firm warned.
Sebastian James, group chief executive of Dixons Carphone, said: "We take the security of customer data extremely seriously, and we are very sorry that people have been affected by this attack on our systems.
"We are, of course, informing anyone that may have been affected, and have put in place additional security measures."
The company said the security breach was discovered on Wednesday.
The affected division operates the websites OneStopPhoneShop.com, e2save.com and Mobiles.co.uk and provides services to iD Mobile, TalkTalk Mobile, Talk Mobile and some Carphone Warehouse customers.
The firm said in a statement: "We took immediate action to secure these systems and launched an investigation with a leading cyber security firm to determine exactly what data was affected.
"We have also put in place additional security measures to prevent further attacks."
Carphone Warehouse said it was contacting all customers who may have been affected to inform them of the breach and to advise them on how to reduce the risk of further consequences.
The company added that the customer information of Currys and PC World - and the "vast majority" of Carphone Warehouse - is held on separate systems and was not accessed during the attack.