Funky Pigeon has stopped taking orders after being hit by a cyber attack last week.
The online greetings card and gifts business said it is writing to all customers from the past 12 months to inform them of the hack.
It added that “no customer payment data” is at risk and said it does not believe that any customers’ account passwords have been affected.
The WH Smith-owned company said it has taken its systems offline “as a precaution” and is therefore unable to fulfil any orders.
It said in a statement: “As soon as we discovered the incident last Thursday, we launched a forensic investigation led by external experts to understand the incident and whether there has been any impact on customer data.
“We are currently investigating the extent to which any personal data – specifically names, addresses, e-mail addresses and personalised card and gift designs – has been accessed.
“We take the security of customer data extremely seriously and we have temporarily suspended any new orders via the website.”
Funky Pigeon said it has informed relevant regulators and law enforcement authorities about the breach.
It also said it will continue to review and update its protocols based on what it learns from the incident.
“We would like to sincerely apologise to our customers for any concern or disruption this may cause, and reassure them that our teams are working around the clock to investigate and resolve this incident,” the company added.
“As our investigation progresses, we will provide further updates to customers and other affected parties as necessary.”
It comes two weeks after retailer The Works was forced to shut some of its stores and halt stock deliveries to its shops following a cyber attack.