Up to 34,000 Butlin's guest records may have been accessed by hackers, the holiday camp chain has warned.
The data at risk includes names, home addresses, email addresses and telephone numbers, but Butlin's insists that "no financial data has been compromised".
Butlin's says it is in the process of contacting affected customers to inform them of the incident and let them know what their next steps should be.
The incident has been reported to the information watchdog - the Information Commissioner's Office (ICO).
What should I do if I'm affected?
Butlin's insists that no financial data was compromised, but given that personal contact information could have been accessed, if you have been affected it's worth looking out for phishing scams.
This is a type of scam where people contact you and try to get further information from you, such as passwords or credit card information.
For full info on how to protect yourself against this type of scam and others, see our 30+ Ways to Stop Scams.
What does Butlin's say?
Butlin's managing director Dermot King said: "Butlin's take the security of our guest data very seriously and have improved a number of our security processes.
"I would like to apologise for any upset or inconvenience this incident might cause. A dedicated team has been set up to contact all guests who may be affected directly.
"I would like to personally reassure guests that no financial data has been compromised."
An ICO spokesperson said: “Butlins has made us aware of an incident and we will be making enquiries.”