Intruders gained access to the personal details of more than 150 Namesco customers, potentially including passwords and financial information, the internet domain name and hosting service has confirmed.
In total 178 customer records were compromised, a spokesman for Namesco told ZDNet UK on Monday. It began informing customers about the breach on Thursday.
"We contacted a small proportion of our customer base to inform them that their personal information, including name and contact details, selected bank payment card information and their Namesco account administration password may have been at risk of a security breach," a spokesman said.
"We had notified the Information Commissioner the day before, and at that time we had been working for a week to ascertain the impact of the illegal unauthorised third party access, including which customers had been put at risk and what had been affected," he added.
An audit of the breach carried out by the system admins revealed that the personal information of 178 customers "may have been compromised", the company said.
Namesco did not say how exactly the system had been infiltrated but did confirm it was the result of "criminal activities that remain under investigation".
Following the breach, the company said it had put measures in place to stop it happening again.
"The vulnerability was immediately dealt with, and we have already implemented a series of new security enhancements that strengthen our network infrastructure against criminal activity of this nature," a spokesman said.