LaCie, a secure technology producer, has confirmed that an unauthorised party used malware to access its online payment system for almost a year and could have stolen customers' personal and card information.
In a statement today it advised at all customers to be on the lookout and review your account statements for any unauthorised activity".
The Federal Bureau of Investigation (FBI) notified the retailer of the security risk in mid-March, and the company began notifying customers last week.
Customer names, addresses, emails, and payment card numbers and expiration dates could have been compromised, according to a release, and all transactions made between March 27, 2013 and March 10, 2014 were affected.
Online ordering has been preemptively disabled while more secure payment services are implemented.
"We have hired a leading forensic investigation firm, who is cnducting a thorough investigation, and assisting us in implementing additional security measures," the company said.
"As a precaution, we have temporarily disabled the e-commerce portion of the LaCie website while we transition to a provider that specialises in secure payment processing services. We will resume accepting online orders once we have completed the transition," it said.