Online firm Touchnote has become the latest victim of internet hacking.
The company, which makes an app that lets people turn a photo taken on a phone into a postcard, said it was targeted by criminals resulting in the theft of some customer data.
Details stolen include customer names, email addresses and postal addresses. There have also been some recorded instances of dates of birth being accessed.
A spokesman said: "Touchnote does not store (customers') full credit card or debit card numbers, expiry dates or security code with the exception of the last four digits of credit card numbers, which on its own cannot be used for making financial transactions."
Touchnote said it would be contacting customers to let them know if they have been affected. The company has contacted the UK's National Cyber Crime Unit.
It came as TalkTalk announced that the details of 156,959 customers and 15,656 bank account numbers were accessed in last month's cyber attack.
But the telecoms firm emphasised the "information accessed cannot on its own lead to financial loss".
The 28,000 obscured credit and debit card numbers that were taken cannot be used for financial transactions, and were "orphaned", meaning customers cannot be identified by the stolen data.
Although the decision was taken to tell all TalkTalk customers of the security breach, the company says that only 4% of its customers have any sensitive personal data at risk.