Update Cotton Traders has become the latest firm to spill sensitive customer account details.

The retailer confirmed on Tuesday that payment details were exposed following an attack on its website earlier this year. Around 38,000 customers were affected by the breach, the BBC reports. Cotton Traders claims this figure is "widely inaccurate" but isn't supplying the correct figure.

A spokeswoman explained: "I would like to reiterate that the incident took place in January 2008 and all actions to rectify the situation were completed over five months ago."

"Those involved were notified at the time and card replaced," she added.

In a statement the firm said: "Cotton Traders take any security issues very seriously.

"In January 2008 we identified a security issue. We immediately brought in Industry security experts to resolve the problem. We can confirm that our customer credit card data is encrypted on our website but if any of our customers have been a victim of fraud, they should contact their card issuer."

"Cotton Traders have recently upgraded all security on their website which has been validated by leading Industry experts," it added.

Police are investigating the case. It's unclear how malicious hackers broke into the website. ®

Related stories

• Online payment standards fall on deaf websites (3 June 2008)
• TJX employee fired for exposing shoddy security practices (23 May 2008)
• TJX credit card heist suspect, 2 others, accused of new scam (13 May 2008)
• US auto parts store spills data to hackers (1 April 2008)
• Hannaford cc data thieves planted malware on 300 servers (28 March 2008)
• Supermarket loses 4.2 million credit card details (18 March 2008)
• Personal data for 650,000 customers vanishes into thin air (18 January 2008)
• Information security breaches quadrupled in 2007 (2 January 2008)