Dixons Carphone has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records.
It is investigating the hacking attempt, which began in July last year.
Dixons Carphone said it had no evidence that any of the cards had been used fraudulently following the breach.
There was “an attempt to compromise” 5.8 million credit and debit cards but only 105,000 cards without chip-and-pin protection had been leaked, it said.
The hackers had tried to gain access to one of the processing systems of Currys PC World and Dixons Travel stores, the firm said.
Dixons Carphone shares fell more than 3% in early trading.
‘Sorry for upset’
The 1.2 million personal data records accessed by the hackers consisted of non-financial information such as names, addresses and email addresses.
Carphone Warehouse said it had no evidence that the information had left its systems or resulted in any fraud, but it was contacting those affected to advise them.
It added that it had brought in leading cyber-experts and added extra security measures to its systems.
Dixons Carphone chief executive Alex Baldock said it was “extremely disappointed” by the data breach and “sorry for any upset”,
“The protection of our data has to be at the heart of our business, and we’ve fallen short here.
“We’ve taken action to close off this unauthorised access and though we have currently no evidence of fraud as a result of these incidents, we are taking this extremely seriously,” he added.
Bryan Glick, editor in chief of Computer Weekly, told the BBC that the breach was “right up there” as one of the biggest to date involving a UK company.
However, he cautioned against any panic. “If you’ve not heard from Dixons Carphone to warn you, the chances are you’re OK,” he said.
Carphone Warehouse is one of many High Street retailers feeling the strain of tough economic challenges.
Last month, it warned of a sharp fall in profits this year and said it would close 92 of its more than 700 Carphone Warehouse stores.