Online retailer Play.com customers could be at risk of receiving phishing emails after a data breach at a partner marketing company leaked names and email addresses.

In an email that started going out to its entire customer base on Monday, Play.com the company owned up to the issue without specifying its size or how it was discovered. Mercifully, credit card details do not appear to have been part of the leak.

“We take privacy and security very seriously and ensure all sensitive customer data is protected. Please be assured this issue has occurred outside of Play.com and no other personal customer information has been involved,” read the warning email.

The company goes on to ask its millions of customers to be on the lookout for emails asking for account details, card numbers or passwords.

This is sound advice but it is also possible that valuable data such as this will be used in ways unconnected to Play.com.

Play.com has reportedly had minor data protection issues in the past, but this is by far its most troubling incident to date.