Yorkshire tearoom chain Bettys has admitted that it was hit by a data breach that has affected some 120,000 customers who use its website to order items.
The company blamed the breach on an “industry-wide software weakness” that was used by the hackers to “illegally gain access to our customer data”.
The breach has seen customer names, email addresses and encrypted passwords stolen, although the company said that no financial data was affected.
“We would like to stress that your credit or debit card details have not been copied as this information is stored on a completely separate system managed by a certified third party,” Bettys said in a statement.
Despite this, the firm urged customers to change their passwords as a precautionary measure and has placed a button at the top of its website offering people a direct link to this option - something web giant eBay failed to do last year.
The worry for customers will be that hackers will now know their email address and password and can try to hack into other websites using the same credentials, as many people use the same details on several services.
Bettys added that it had now fixed the software problem and is working with security providers to enhance its protections.
"Bettys takes customer confidentiality extremely seriously and we have carried out a full investigation with our security partners. The software issue has been addressed and further security measures have been put in place," the firm said.
“It’s a completely unprecedented event for us and we’re extremely sorry that the breach has occurred.”
The hack is the latest to target a high-street brand. Kitchen retailer Lakeland was hit by a hack in 2013, while US giant Target was hit by a major breach that affected records relating to almost 80 million customers.
A new RSA report urges coders to sign a 'Hippocratic Oath' before embarking on AI programmes.
IT security vendor believes APT33 is working for the Iranian government
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal