Superdrug has warned its online customers to change their password after criminals claim to have obtained their personal information.
The group said the group claimed that they had stolen details from 20,000 customers, but that only 386 customers had been affected so far.
Names, addresses and "in some cases" date of birth and telephone numbers "may have been visited," says Superdrug.
No access was obtained to the details of the customer's payment card, he said.
Superdrug said there was "no evidence" that his systems had been compromised.
It said it believed that the criminals had received the e-mail addresses and passwords from customers of other websites "and then used that credentials to access accounts on our website".
The group had tried to extort a Superdrug ransom, it said.
The shopkeeper said he had affected all customers & # 39; which he thought were affected & # 39; directly & # 39; had logged in & # 39 ;.
A tweet was also posted and customers were told that the e-mail they sent was "genuine".
Some customers reacted angrily to the tweet and said the chain should have apologized.
Superdrug said it had informed the police and the national fraud and cybercrime weapon, Action Fraud, of the problem.
"We … will provide them with all the information they need for their research," they said.
Cyber attacks are a growing threat for companies.
Last year, Dixon's Carphone, which owns Carphone Warehouse and Currys PC World, had a huge data link with 10 million customers.
In 2015, TalkTalk was hit by a cyber attack that led to the theft of personal data from almost 157,000 customers.
The telecom company was fined £ 400 for the offense, with the Information Commissioner's office claiming that security was so bad that the attack "succeeded" with ease.