Payday lender Wonga is investigating an "illegal and unauthorised access" to data which could affect around 245,000 customers in the UK customers and a further 25,000 in Poland.
The firm discovered the possible breach on Friday and began informing affected customers on Saturday, with the majority now contacted. The matter has also been reported to the Information Commissioner's Office and the police.
It's believed the following types of customer data may have been accessed:
- Email addresses
- Home addresses
- Phone numbers
- The last 4 digits of credit/debit card numbers
- Full bank account numbers and sort codes
What to do if you're affected
Wonga account passwords were not accessed during the suspected breach, meaning it's not necessary to change them - but you can still do so if you feel concerned.
Customers whose data may have been accessed are advised to alert their bank and and ask it to keep an eye out for any suspicious activity.
The lender is also warning against the threat of scammers, saying: "Exercise vigilance: Beware of scammers or unusual online activity. Be cautious of anyone who calls you and asks you to disclose any personal information regardless of where they say they are from. If this happens, we recommend that you hang up."
A short list of FAQs regarding the breach is available on the Wonga website, and customers can call the firm on 0207 138 8330 - though wait times are likely to be high.